Sunday, February 12, 2006

Schneier and Paulos on automated wiretapping

Security and cryptography expert Bruce Schneier gave a talk yesterday to the ACLU Washington's membership conference at which he argued that massive automated wiretapping generates too many false alarms to be useful, as described in the Seattle Times. As a commenter on Schneier's blog notes, mathematician John Allen Paulos (author of Innumeracy and A Mathematician Plays the Stock Market, both of which I highly recommend), writing in a New York Times op-ed titled "Panning for Terrorists," makes the same point.

The problem is essentially the same one that makes it pointless to engage in programs of blanket drug-testing of grade school children or mandatory HIV testing in order to obtain a marriage license--the population being tested contains such a small number of people who meet the criteria being tested for, which means that even a highly accurate test returns vastly more false positives than true positives.

Paulos points out that a 99-percent-accurate sorting mechanism for detecting terrorist conversations, on a population of 300 million Americans that includes one-in-a-million with terrorist ties (300) will identify 297 of them, along with 3 million innocent Americans. That's 297 true positives and 3 million false positives, producing a new sample population that is .009% terrorists and 99.99% innocent Americans who may be wrongly investigated.

No comments: