Finding Suspects Isn’t the Problem

by on December 18, 2006 · 4 comments

I’ve just finished reading Cato’s new paper on predictive data mining as an anti-terrorism strategy, which co-author Jim Harper discussed last week. It is excellent, and I encourage you to read it. I found this part particularly interesting:

The terrorists not only operated in plain sight, they were interconnected. They lived together, shared P.O. boxes and frequent flyer numbers, used the same credit card numbers to make airline travel reservations, and made reservations using common addresses and contact phone numbers. For example, al-Mihdhar and Nawaf al-Hazmi lived together in San Diego. Hamza al-Ghamdi and Mohand al-Shehri rented Box 260 at a Mail Boxes Etc. for a year in Delray Beach, Florida. Hani Hanjour and Majed Moqed rented an apartment together at 486 Union Avenue, Patterson, New Jersey. Atta stayed with Marwan al-Shehhi at the Hamlet Country Club in Delray Beach, Florida. Later, they checked into the Panther Inn in Deerfield Beach together.

When Ahmed al-Nami applied for his Florida ID card he provided the same address that was used by Nawaf al-Hazmi and Saeed al-Ghamdi. Wail al-Shehri purchased plane tickets using the same address and phone number as Waleed al-Shehri. Nawaf al-Hazmi and Salem al-Hazmi booked tickets through Travelocity.com using the same Fort Lee, New Jersey, address and the same Visa card. Abdulaziz al-Omari purchased his ticket via the American Airlines website and used Atta’s frequent flyer number and the same Visa card and address as Atta (the same address used by Marwan al-Shehhi). The phone number al-Omari used on his plane reservation was also the same as that of Atta and Wail and Waleed al-Shehri. Hani Hanjour and Majed Moqed rented room 343 at the Valencia Hotel on Route 1 in Laurel, Maryland; they were joined by al-Mihdhar, Nawaf al-Hazmi, and Salem al-Hazmi. While these are plentiful examples of the 9/11 terrorists’ interconnectedness, even more connections existed.

If data mining were useful, it would be in the first step of the investigation process–the part where investigators get leads for further study. In the most optimistic scenario, data mining can only point to people and activities that might be suspicious. It’s up to human investigators to pick up those leads and follow up on them.

But the problem with the 9/11 reports was not a shortage of leads. We already knew that several of the 9/11 hijackers were affiliated with Al Qaeda, that they had traveled to Afghanistan, that they had been connected to previous terrorist attacks, etc. What was needed was more manpower focused on the leads we already had. We needed several dozen investigators to go out and start investigating the terrorists we already knew were in the country. Had they tapped their phones, subpoenaed their credit card records, and talked to the relevant intelligence experts at the CIA, FBI, State Department, and other agencies, they would have quickly discovered all the information that data mining would have uncovered, and then some.

If anything, the problem was that our intelligence and law enforcement resources were stretched too thin. One of the 9/11 hijackers was literally on an FBI agent’s “to do” list. Throwing tens of thousands of additional leads on the pile (and we’ll be lucky if we can get the number of false positives down to the tens of thousands) will just stretch those resources even thinner.

The paper makes some other good points as well, so I encourage you to go check it out.

Comments on this entry are closed.

Previous post:

Next post: