Tag: John Brennan

John Brennan on Countering Terrorism

Earlier today, I attended a lecture at CSIS by John Brennan, a leading counterterrorism and homeland security adviser to President Obama. His speech highlighted some of the key elements of the administration’s counterterrorism strategy, in advance of tomorrow’s release of the National Security Strategy (NSS).

I hope that many people will take the opportunity to read (.pdf) or listen to/watch Brennan’s speech, as opposed to merely reading what other people said that he said. Echoing key themes that Brennan put forward last year, also at CSIS, today’s talk reflected a level of sophistication that is required when addressing the difficult but eminently manageable problem of terrorism.

Brennan was most eloquent in talking about the nature of the struggle. He declared, with emphasis, that the United States is indeed at war with al Qaeda and its affiliates, but not at war with the tactic of terrorism, nor with Islam, a misconception that is widely held both here in the United States and within the Muslim world. He stressed the positive role that Muslim clerics and other leaders within the Muslim community have played in criticizing the misuse of religion to advance a hateful ideology, and he lamented that such condemnations of bin Laden and others have not received enough exposure in the Western media. This inadequate coverage of the debate raging within the Muslim community contributes to the mistaken impression that this is chiefly a religious conflict. It isn’t; or, more accurately, it need not be, unless we make it so.

I also welcomed Brennan’s unabashed defense of a counterterrorism strategy that placed American values at the forefront. These values include a respect for the rule of law, transparency, individual liberty, tolerance, and diversity. And he candidly stated what any responsible policymaker must: no nation can possibly prevent every single attack. In those tragic instances where a determined person slips through the cracks, the goal must be to recover quickly, and to demonstrate a level of resilience that undermines the appeal of terrorism as a tactic in the future.

I had an opportunity to ask Brennan a question about the role of communication in the administration’s counterterrorism strategy. He assured me that there was such a communications strategy, that elements of the strategy would come through in the NSS, and that such elements have informed how the administration has addressed the problem of terrorism from the outset.

This was comforting to hear, and it is consistent with what I’ve observed over the past 16 months. Members of the Obama administration, from the president on down, seem to understand that how you talk about terrorism is as important as how you disrupt terrorist plots, kill or capture terrorist leaders, and otherwise enhance the nation’s physical security. On numerous occasions, the president has stressed that the United States cannot be brought down by a band of murderous thugs. Brennan reiterated that point today. This should be obvious, and yet such comments stand in stark contrast to the apolocalytpic warnings from a few years ago of an evil Islamic caliphate sweeping across the globe.

Talking about terrorism might seem an esoteric point. It isn’t. Indeed, it is a key theme in our just released book, Terrorizing Ourselves: Why U.S. Counterterrorism Policy Is Failing and How to Fix It. Because the object of terrorism is to terrorize, to elicit from a targeted state or people a response, and to (in the terrorists’s wildest dreams) cause the state to waste blood and treasure, or come loose from its ideological moorings, a comprehensive counterterrorism strategy should aim at building a psychologically resilient society. Such a society should possess an accurate understanding of the nature of the threat, a clear sense of what policies or measures are useful in mitigating that threat, and an awareness of how overreaction does the terrorists’s work for them. The true measure of a resilient society, one that isn’t in thrall to the specter of terrorism, is the degree to which it can conduct an adult conversation about the topic.

We aren’t there yet, but I’m encouraged by what I’ve seen so far, and by what I heard today.

The Difficulty With Finding Rare Events in Data

John Brennan, assistant to the president for homeland security and counterterrorism, made the rounds of the Sunday political shows this weekend. He’ll be reviewing the attempted bombing of Northwest flight 253 for the president. 

His appearance on ABC’s This Week program revealed his struggle with the limitations on data mining for counterterrorism purposes. His interviewer, Terry Moran, betrayed even less awareness of the challenge. Their conversation is revealing:

Moran: Who dropped the ball here? Where did the system fail?

Brennan: Well, first of all, there was no single piece of intelligence or “smoking gun,” if you will, that said that Mr. Abdulmutallab was going to carry out this attack against that aircraft. What we had, looking back on it now, were a number of streams of information. We had the information that came from his father, where he was concerned about his son going to Yemen, consorting with extremists, and that he was not going to go back.

We also, though, had other streams of information, coming from intelligence channels that were little snippets. We might have had a partial name, we might have had indication of a Nigerian, but there was nothing that brought it all together.

What we need to do as a government and as a system is to bring that information together so when a father comes in with information and we have intelligence, we can map that up so that we can stop individuals like Abdulmutallab from getting on a plane.

Moran: But that is exactly the conversation we had after 9/11, about connecting these disparate dots. You were one of the architects of the system put in place after that, the National Counterterrorism Center. That’s where the failure occured, right? The dots weren’t connected.

Brennan: Well, in fact, prior to 9/11, I think there was reluctance on the part of a lot of agencies and departments to share information. There is no evidence whatsoever that any agency or department was reluctant to share.

Moran: Including the NSA? Were the NSA intercepts shared with the National Counterterrorism Center?

Brennan: Absolutely. All the information was shared. Except that there are millions upon millions of bits of data that come in on a regular basis. What we need to do is make sure the system is robust enough that we can bring that information to the surface that really is a threat concern. We need to make the system stronger. That’s what the president is determined to do.

Moran: You see millions upon millions of bits of data that—Facebook has 350 million users who put out 3.5 billion pieces of content a week, and it’s always drawing connections. In the era of Google, why does [the] U.S. intelligence community not have the sophistication and power of Facebook?

Brennan: Well, in fact, we do have the sophistication and power of Facebook, and well beyond that. That’s why we were able to stop Mr. Najibullah Zazi, David Headley, [and] other individuals from carrying out attacks, because we were able to do that on a regular basis. In this one instance, the system didn’t work. There were some human errors. There were some lapses. We need to strengthen it.

In our paper, Effective Counterterrorism and the Limited Role of Predictive Data Mining, distinguished engineer and chief scientist with IBM’s Entity Analytic Solutions Group Jeff Jonas and I distinguished between what we called subject-based data analysis and pattern-based analysis.

Subject-based data analysis seeks to trace links from known individuals or things to others… . In pattern-based analysis, investigators use statistical probabilities to seek predicates in large data sets. This type of analysis seeks to find new knowledge, not from the investigative and deductive process of following specific leads, but from statistical, inductive processes. Because it is more characterized by prediction than by the traditional notion of suspicion, we refer to it as “predictive data mining.”

The “power” that Facebook has is largely subject-based. People connect themselves to other people and things in Facebook’s data through “friending,” posting of pictures, and other uses of the site. Given a reason to suspect someone, Facebook data could reveal some of his or her friends, compatriots, and communications.

That’s a lot compared to what existed in the recent past, but it’s nothing special, and its nothing like what Brennan wants from the data collection done by our intelligence services. He appears to want data analysis that can produce suspicion in the absence of good intelligence—without the “smoking gun” he says we lacked here.

Unfortunately, the dearth of patterns indicative of terrorism planning will deny success to that project. There isn’t a system “robust” enough to identify current attacks or attempts in data when we have seen examples of them only a few times before. Pattern-based data mining works when there are thousands and thousands of examples from which to build a model of what certain behavior looks like in data.

If Brennan causes the country to double down on data collection and pattern-based data mining, plan on having more conversations about failures to “connect the dots” in the future.

As George Will said on the same show, “When you have millions of dots, you cannot define as systemic failure—catastrophic failure—anything short of perfection. Our various intelligence agencies suggest 1,600 names a day to be put on the terrorist watch list. He is a known extremist, as the president said. There are millions of them out there. We can’t have perfection here.”

We’ll have far less than perfection—more like wasted intelligence efforts—if we rely on pattern-based or predictive data mining to generate suspicions about terrorism.

Watch-Lister to Review Watch-Listing

White House ethics counsel Norm Eisen’s conclusion that John Brennan should participate in the reviews of the attempted bombing of Northwest flight 253 is interesting.

Currently serving as assistant to the president for homeland security and counterterrorism, Brennan formerly worked at the Analysis Corp., a contractor that helped develop the watch-list system, one of many security measures that did not prevent the attacker from boarding a flight into the United States.

In my review of some of the security systems involved in the failed attack, I agreed that watch-listing failed, but I am at a loss to imagine how it could succeed.

On the merits of the ethical issue, Eisen cites Brennan’s long experience and the importance of this matter to national security as reasons that Brennan should be granted a waiver from the general two-year ban on political appointees having involvement in matters involving former employers and clients.

But these factors cut equally well, if not better, in the other direction: Long experience can bring a person too close to the problem to see solutions. And national security is too important to let insiders review their own work. 

I have no reason to doubt his good faith, but Brennan’s substantive judgment is likely to be obscured by familiarity with, and sympathy for, watch-listing. He will be unlikely to give sufficiently close examination to the question whether it provides security value given its failure here and its costs in dollars, constitutional principles, and privacy.

Kudos are due the White House and Norm Eisen for posting the ethics waiver on the White House blog. Brennan’s assessment of watch-listing should get similar airing so that the public can review his work aware of his probable sympathies. An outside review may lose something in inside knowledge, but make up for it with gains in substance and credibility.