[infowar.de] NSA wants to "harvest" social networking websites

To: "Infowar.de" <infowar - de -! - infopeace - de>, Neue Medien <neue-medien -! - listi - jpberlin - de>
Subject: [infowar.de] NSA wants to "harvest" social networking websites
From: Ralf Bendrath <bendrath -! - zedat - fu-berlin - de>
Date: Thu, 08 Jun 2006 20:24:24 +0200
Mailing-list: contact infowar - de-help -! - infopeace - de; run by ezmlm

I've been saying for a while now[1] that the privacy implications of Web 2.0 have received far too little thought and discussion.

Maybe _this_ makes it clearer?
RB
[1] <http://www.netzpolitik.org/2006/riya-flickr-fur-big-brother/>

http://www.newscientist.com/article/mg19025556.200

Pentagon sets its sights on social networking websites

10 June 2006
NewScientist.com news service
Paul Marks

"I AM continually shocked and appalled at the details people voluntarilypost online about themselves." So says Jon Callas, chief security officerat PGP, a Silicon Valley-based maker of encryption software. He is far

from alone in noticing that fast-growing social networking websites such

as MySpace and Friendster are a snoop's dream.

New Scientist has discovered that the Pentagon's National Security Agency, which specialises in eavesdropping and code-breaking, is funding research into the mass harvesting of the information that people post about themselves on social networks. And it could harness advances in internet technology - specifically the forthcoming "semantic web" championed by the web standards organisation W3C - to combine data from social networking websites with details such as banking, retail and property records, allowing the NSA to build extensive, all-embracing personal profiles of individuals.

Americans are still reeling from last month's revelations that the NSA has been logging phone calls since the terrorist attacks of 11 September 2001. The Congressional Research Service, which advises the US legislature, says phone companies that surrendered call records may have acted illegally. However, the White House insists that the terrorist threat makes existing wire-tapping legislation out of date and is urging Congress not to investigate the NSA's action.

Meanwhile, the NSA is pursuing its plans to tap the web, since phone logs have limited scope. They can only be used to build a very basic picture of someone's contact network, a process sometimes called "connecting the dots". Clusters of people in highly connected groups become apparent, as do people with few connections who appear to be the intermediaries between such groups. The idea is to see how many links or "degrees" separate people from, say, a member of a blacklisted organisation.
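
The "degrees" idea described above can be illustrated with a breadth-first search over a contact graph. This is only a minimal sketch under stated assumptions: the call log, the names in it and the helper functions `build_contacts` and `degrees_of_separation` are hypothetical and are not taken from the article or from any NSA system.

```python
from collections import deque

def build_contacts(call_log):
    """Turn (caller, callee) pairs into an undirected contact graph."""
    contacts = {}
    for a, b in call_log:
        contacts.setdefault(a, set()).add(b)
        contacts.setdefault(b, set()).add(a)
    return contacts

def degrees_of_separation(contacts, start, target):
    """Return the fewest links between start and target, or None if unconnected."""
    if start == target:
        return 0
    seen = {start}
    queue = deque([(start, 0)])
    while queue:
        person, dist = queue.popleft()
        for neighbour in contacts.get(person, ()):
            if neighbour == target:
                return dist + 1
            if neighbour not in seen:
                seen.add(neighbour)
                queue.append((neighbour, dist + 1))
    return None

# Hypothetical call records, invented purely for illustration.
call_log = [("alice", "bob"), ("bob", "carol"), ("carol", "dave"), ("erin", "frank")]
contacts = build_contacts(call_log)

print(degrees_of_separation(contacts, "alice", "dave"))   # 3
print(degrees_of_separation(contacts, "alice", "frank"))  # None
```

Breadth-first search visits people in order of distance, so the first time the target is reached the link count is the smallest possible.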

By adding online social networking data to its phone analyses, the NSA could connect people at deeper levels, through shared activities, such as taking flying lessons. Typically, online social networking sites ask members to enter details of their immediate and extended circles of friends, whose blogs they might follow. People often list other facets of their personality including political, sexual, entertainment, media and sporting preferences too. Some go much further, and a few have lost their jobs by publicly describing drinking and drug-taking exploits. Young people have even been barred from the orthodox religious colleges that they are enrolled in for revealing online that they are gay.

"You should always assume anything you write online is stapled to yourresumé. People don't realise you get Googled just to get a job interviewthese days," says Callas.

Other data the NSA could combine with social networking details includes information on purchases, where we go (available from cellphone records, which cite the base station a call came from) and what major financial transactions we make, such as buying a house.

Right now this is difficult to do because today's web is stuffed with data in incompatible formats. Enter the semantic web, which aims to iron out these incompatibilities over the next few years via a common data structure called the Resource Description Framework (RDF). W3C hopes that one day every website will use RDF to give each type of data a unique, predefined, unambiguous tag.

"RDF turns the web into a kind of universal spreadsheet that is readableby computers as well as people," says David de Roure at the University ofSouthampton in the UK, who is an adviser to W3C. "It means that you willbe able to ask a website questions you couldn't ask before, or performcalculations on the data it contains." In a health record, for instance, aheart attack will have the same semantic tag as its more technicaldescription, a myocardial infarction. Previously, they would have lookedlike separate medical conditions. Each piece of numerical data, such asthe rate of inflation or the number of people killed on the roads, willalso get a tag.

The advantages for scientists, for instance, could be huge: they will have unprecedented access to each other's experimental datasets and will be able to perform their own analyses on them. Searching for products such as holidays will become easier as price and availability dates will have smart tags, allowing powerful searches across hundreds of sites.

On the downside, this ease of use will also make prying into people's lives a breeze. No plan to mine social networks via the semantic web has been announced by the NSA, but its interest in the technology is evident in a funding footnote to a research paper delivered at the W3C's WWW2006 conference in Edinburgh, UK, in late May.

That paper, entitled Semantic Analytics on Social Networks, by a research team led by Amit Sheth of the University of Georgia in Athens and Anupam Joshi of the University of Maryland in Baltimore, reveals how data from online social networks and other databases can be combined to uncover facts about people. The footnote said the work was part-funded by an organisation called ARDA.

What is ARDA? It stands for Advanced Research Development Activity. According to a report entitled Data Mining and Homeland Security, published by the Congressional Research Service in January, ARDA's role is to spend NSA money on research that can "solve some of the most critical problems facing the US intelligence community". Chief among ARDA's aims is to make sense of the massive amounts of data the NSA collects - some of its sources grow by around 4 million gigabytes a month.

The ever-growing online social networks are part of the flood of internet information that could be mined: some of the top sites like MySpace now have more than 80 million members (see Graph).

The research ARDA funded was designed to see if the semantic web could be easily used to connect people. The research team chose to address a subject close to their academic hearts: detecting conflicts of interest in scientific peer review. Friends cannot peer review each other's research papers, nor can people who have previously co-authored work together.

So the team developed software that combined data from the RDF tags of online social network Friend of a Friend (www.foaf-project.org), where people simply outline who is in their circle of friends, and a semantically tagged commercial bibliographic database called DBLP, which lists the authors of computer science papers.

Joshi says their system found conflicts between potential reviewers and authors pitching papers for an internet conference. "It certainly made relationship finding between people much easier," Joshi says. "It picked up softer [non-obvious] conflicts we would not have seen before."
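
The general idea of merging a friendship source with a co-authorship source to flag reviewer conflicts can be sketched as follows. This is not the researchers' software, whose details the article does not give; the function `find_conflicts`, the names and both link lists are hypothetical stand-ins for data that would come from FOAF profiles and a bibliographic database.

```python
def find_conflicts(reviewers, authors, friendships, coauthorships):
    """Flag reviewer/author pairs linked in either data source.

    Returns (reviewer, author, kinds) tuples, where kinds lists the
    relationship types that connect the pair.
    """
    links = {}
    sources = (("friend", friendships), ("co-author", coauthorships))
    for kind, pairs in sources:
        for a, b in pairs:
            # frozenset makes the pair order-independent.
            links.setdefault(frozenset((a, b)), set()).add(kind)

    conflicts = []
    for reviewer in reviewers:
        for author in authors:
            kinds = links.get(frozenset((reviewer, author)))
            if kinds:
                conflicts.append((reviewer, author, sorted(kinds)))
    return conflicts

# Hypothetical data, invented purely for illustration.
friendships = [("ann", "ben")]
coauthorships = [("ben", "ann"), ("cy", "dee")]

conflicts = find_conflicts(
    reviewers=["ann", "cy"],
    authors=["ben", "eve"],
    friendships=friendships,
    coauthorships=coauthorships,
)
print(conflicts)  # [('ann', 'ben', ['co-author', 'friend'])]
```

This sketch only checks direct links. The "softer" conflicts Joshi mentions would presumably need indirect relationships to be followed as well, which this example does not attempt.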

The technology will work in exactly the same way for intelligence and national security agencies and for financial dealings, such as detecting insider trading, the authors say. Linking "who knows who" with purchasing or bank records could highlight groups of terrorists, money launderers or blacklisted groups, says Sheth.

The NSA recently changed ARDA's name to the Disruptive Technology Office. The DTO's interest in online social network analysis echoes the Pentagon's controversial post 9/11 Total Information Awareness (TIA) initiative. That programme, designed to collect, track and analyse online data trails, was suspended after a public furore over privacy in 2002. But elements of the TIA were incorporated into the Pentagon's classified programme in the September 2003 Defense Appropriations Act.

Privacy groups worry that "automated intelligence profiling" could sully people's reputations or even lead to miscarriages of justice - especially since the data from social networking sites may often be inaccurate, untrue or incomplete, De Roure warns.

But Tim Finin, a colleague of Joshi's, thinks the spread of such technology is unstoppable. "Information is getting easier to merge, fuse and draw inferences from. There is money to be made and control to be gained in doing so. And I don't see much that will stop it," he says.

Callas thinks people have to wise up to how much information about themselves they should divulge on public websites. It may sound obvious, he says, but being discreet is a big part of maintaining privacy. Time, perhaps, to hit the delete button.


From issue 2555 of New Scientist magazine, 10 June 2006, page 30
