NSA misses big picture in phone monitoring, says CISAC fellow

The National Security Agency is a riddle wrapped in a mystery inside a code. Secrets lie within. Located in Fort Meade, Md., it dwarfs the CIA. Its budget is black, unknown. And, most disturbing of all, it is the world's largest employer of mathematicians.

One of its secrets, recently revealed, is that it's monitoring millions of phone calls to learn just who was calling whom. (Technically, only telephone numbers are being recorded, but you don't have to be Q from James Bond to get a name from a number.) This information was being used to determine who might be a terrorist.

Legal or not, the spying program isn't worth violating our civil liberties for. The information one can glean will hardly help us win the war on terror.

With the NSA data, you can draw a picture with nodes or dots representing individuals, and lines between nodes if one person has called another. Mathematicians who work with pictures like this are called graph theorists. The field of social network analysis deals with trying to determine information about a group from such a graph, such as who the key players are or who the cell leaders might be.

But even when you know everyone in the graph is a terrorist, graphs don't contain information about the order or hierarchy of the cell. Researchers look instead for graph features like centrality: They try to identify nodes that are connected to a lot of other nodes, like spokes around the hub of a bicycle wheel. Monterey Naval Postgraduate School researcher Ted Lewis, in his textbook "Critical Infrastructure Protection," defines a critical node to be such a central hub.

There are two problems. First, the central player might not be as important as the hub metaphor suggests. Jafar Adibi of the University of Southern California looked at e-mail traffic between Enron employees before Enron collapsed, and drew the graph. He found that if you naively analyzed the graph, you could mistakenly conclude that one of the central players was CEO Ken Lay's ... secretary. But that wasn't the person who ran the company into the ground.

Second, as the journal Studies in Conflict and Terrorism reported in 2003, you can kill all the central players in a terrorist cell and still leave the cell with a complete chain of command -- still capable of carrying out a devastating attack.

Expert Kathleen Carley of Carnegie Mellon was able to correctly predict -- twice -- who would take over Hamas when its leaders were assassinated, and her analysis used detailed information about the individuals in the organization, not just what anonymous nodes were linked with what. The moral is that the graph theory approach is inadequate. For useful results, it's important to utilize the lattice theory approach, which takes into account order and hierarchy.

The other questionable aspect of the NSA spying program is that it seeks to work out who might be a terrorist based on their calling patterns. While I agree that anyone calling 1 (800) AL-QAEDA is probably a terrorist, guilt by association is not just bad law, it's bad mathematics, for three reasons.

The simplest reason is that we're all connected. Not in the Haight-Ashbury/Timothy Leary/late-period-Beatles kind of way, but in the sense of the Kevin Bacon game. Sociologist Stanley Milgram took individuals unknown to each other, separated by a continent, and asked one person to send a package to the other -- but only by sending the package to an individual he or she knew, who could then only send the package to someone he knew, and so on. While Milgram's interpretation of the results has since been questioned, the conclusion that emerged is that it took only six mailings, on average, for each package to reach its intended destination.

For example, President Bush is only three steps away from Osama bin Laden. And terrorist hermits like the Unabomber might be connected only to very few people. So much for guilt by association.

The second reason the NSA methodology is flawed is the concept "strength of weak ties," made famous by Stanford sociologist Mark Granovetter. Robert Spulak of the Joint Special Operations University puts it this way: You might not see your college roommate for 10 years, but if he were to call you up and ask to stay in your apartment, you'd let him. This is the principle under which sleeper cells operate: There is no communication for years. The links between nodes that the NSA is looking for simply might not exist for the real threats.

Formal concept analysis, a branch of lattice theory, helps rectify this situation. Individuals who share many of the same characteristics are grouped together as one node, and links between nodes in this picture, called a concept lattice, indicate that all the members of a certain subgroup, with certain attributes, must also have other attributes. For instance, you might group together people based on what cafés, bookstores and mosques they attend, and then find out that all the people who go to a certain cafe also attend the same mosque (but maybe not vice versa). While this tool has in fact been used by researchers at Los Alamos National Laboratory to sift through hundreds of terrorism-related reports, it's still dangerous to rely on the math.

The NSA data mining is flawed because, as Kennedy and Lincoln buffs know, two people can be a lot alike without being the same person. Even if there is only a 1 in 150 million chance that someone might share the profile of a terrorist suspect, it still means that, in a country the size of the United States, two people might share that profile. One is just minding his own business. The other is Cat Stevens.

This isn't to say mathematicians are useless. In September 2004 -- 10 months before the July 7 bombing of the London Underground -- mathematician Gordon Woo warned that London was a hotbed of jihadist radicalism. But Woo, who works for the Bay Area company Risk Management Solutions, didn't anticipate the bombings using math. He used his knowledge and experience of London, especially the Wood Green area. That's what law enforcement officials should be doing.

As for tracking terrorist financing, it may already be too late. The terrorism of the future, according to mathematician Stefan Schmidt of the Technical University in Dresden, Germany, may be the terrorism of the futures -- when bombs explode, the stock market drops. Schmidt wants to quantify the impact on the market of a terrorist incident. The only people who know when a bomb will explode are the terrorists. By playing the market, they may already have obtained as much money as they need -- in perfectly legitimate ways -- thus stifling Treasury Department efforts to cut off the source of their funding.

Math is just a tool. Used wisely, math can indeed help win the Battle of Britain (by breaking the German codes). But used unwisely -- as seems to be the case in the NSA telephone caper -- your approval rating might just hit an all-time low.