The clamour for wider surveillance measures has been deafening in the wake of September 11.
To date, opponents against such moves have argued mostly on civil liberties grounds. But the case against can also be made on the grounds that more surveillance simply won't work.
That's the analysis of Bruce Schneier, founder and chief technology officer of Counterpane Internet Security, who says the failure to anticipate the September 11 attacks was one of data interpretation, not of data collection.
Speaking today at the Information Security Solution Europe conference in London, he drew parallels between Internet security and physical security to make his point that more widespread monitoring is in itself unlikely to prevent terrorism.
"You can either build a system right or build it wrong and watch everybody," he said. "Broad surveillance is generally the sign of a badly designed system of security."
Instead of relying on collecting more data (signals intelligence), counter terrorism agencies should put more effort into human intelligence, he argues. "The Stasi collected data on four million East Germans, roughly one fourth of their population. Yet they failed to predict the fall of the Berlin Wall because they invested too heavily in data collection and too little in data interpretation and human intelligence."
According to Schneier, it is possible - but not easy - to improve security without harming privacy and liberty. Something approaching robust and resilient security could be achieved by combining prevention, detection. There's a chance to redesign our "public infrastructures for security", he said. ®