What if…and Palantir, the CIA and FBI’s Threat-Tracking Software

Yesterday, Boing Boing commented on a Bloomberg Businessweek article describing Palantir, a threat-tracking software. Originally developed as a way to detect criminals using PayPal for illicit purposes, Palantir tracks seemingly innocuous data points to determine whether a terrorist plot is in the works. More importantly, it has the ability to raise alarms before the attack occurs. It’s proactive, unlike, say, CCTVs which are passive and largely useful only after an incident has occurred. But, as Boing Boing writer Maggie Koerth-Baker points out, the software raises many privacy and civil liberties concerns.

Palantir’s clients include “the U.S. Defense Dept., CIA, FBI, Army, Marines, Air Force, the police departments of New York and Los Angeles, and a growing number of financial institutions trying to detect bank fraud.” The Bloomberg article notes that bankers are also interested in the software for such things as more accurately pricing mortgages (after collating a larger amount of data on a potential borrower, I assume) and looking for trading insights. The Bloomberg article notes several successes Palantir has had with such groups as U.S. Special Forces the Center for Missing and Exploited Children.

Koerth-Baker wonders if Palantir’s software is a fair trade off in the security vs. privacy struggle. Thiel, who sits on Palantir’s board, claims to be a libertarian, yet he argues that the only way to avoid another 9/11 is to make sure the government has the best data mining systems and make sure they use it lawfully. I don’t know how he reconciles that argument with his libertarian interests. He should know that users of such systems only want more and more data, almost always resulting in abuse of the system. Is such abuse worth the increased protection from terrorist attacks?

The Bloomberg article notes that “Using Palantir technology, the FBI can now instantly compile thorough dossiers on U.S. citizens, tying together surveillance video outside a drugstore with credit-card transactions, cell-phone call records, e-mails, airplane travel records, and Web search information.” Given the FBI’s history of unlawful domestic spying, how should the FBI’s use of Palantir be restrained?

Lastly, the Bloomberg article notes the source of the word “Palantir”:

Palantir’s name refers to the “seeing stones” in Lord of the Rings that provide a window into other parts of Middle-earth. They’re magical tools created by elves that can serve both good and evil. Bad wizards use them to keep in touch with the overlord in Mordor; good wizards can peer into them to check up on the peaceful, innocent Hobbits of the Shire. As Karp explains with a straight face, his company’s grand, patriotic mission is to “protect the Shire.”

But what isn’t mentioned is that those who looked through the stones in the Lord of the Rings books were deceived and came to false conclusions. Should Palantir enter the insurance and health care markets (as the Bloomberg article says is a goal of Palantir), one must stop and wonder about the consequences of such incorrect conclusions. I can already picture insurance company employees and other government bureaucrats pointing to Palantir’s conclusions and saying their hands were tied and there is nothing they can do for you.

I think my concerns of privacy over the surveillance state are fairly clear. I do not believe this high level of surveillance is worth whatever marginal increase in security it offers. Information on failed terrorist attacks is almost never released. And if a red flag is raised based on a collection of innocuous data points, you still do not likely have enough to arrest someone. Further investigation is going to be required. Palantir is but one tool. But is it one that should be used? Moreover, as most of Palantir’s work is classified, how can we be sure taxpayers’ money is spent effectively?

I think a lot of the “What if” elements are clear in this one. What if a bureaucrat abuses the system? What if the system comes to false conclusions? As the Bloomberg article points out, criminals were able to outsmart earlier versions of this technology. What if criminals and terrorists once again outsmart Palantir? What level of surveillance would Americans experience then? What if criminals bought off Palantir users, and they were not only able to beat the system, but also steal identities (for future crimes), private information (to be used for blackmailing victims), or other bits of intelligence?

What do you think of this software? How should we balance privacy and security? Is this another example of the rise of the surveillance state?