We Need a New Systems Architecture to Protect Personal Data and to Deal With Foreign Espionage

By Ed Timperlake

A threshold now may have been tragically crossed in Electronic Surveillance.

Meta data collection is merging with machine-based analysis to filter actionable intelligence. And this information can now be merged with facial recognition software and ubiquitous camera presence. In a police state like the PRC, this provides significant tools to both control citizens and to deal with foreign influences which the regime will not tolerate.

The PRC also has access to commercial credit databases like Experian, etc. that is a gold mine of info for recruitment of spies in every OECD nation.

While serving as Director Technology Assessment, International Technology Security, (ITS) Office of the Secretary of Defense (2003-2009) I became familar with information systems that captured metadata and then harnessed powerful machine based analysis to filter actionable intelligence in order to make America and our Allies safer.

I personally saw the power of their vision being merged with the power of information age technology and was hugely impressed.

However, in our ITS office, we then had a series of discussions about employing such metadata collection and analytical efforts for our Counterintelligence (CI) mission. I saw tremendously powerful new tools.

But, during our ITS office robust discussions, a very smart co-worker flagged his deep concerns about proceeding down this path. This colleague pointed out that it was way too much power to give to the government.

The lowest common denominator is the key source of concern about a government information collection system gone wild.  It is not even about the integrity of the system; it is about a system that can not ensure the integrator of the lowest common denominator.

I personally don’t want a PFC Manning using my personal data for whatever advantage he believes he has the right to gain from that data. PFC Manning is most definitely at the bottom of the Chain-of-Command but what about our leaders and their performance as well?

We need a new systems architecture that compartmentalizes our personal information not just for the sake of protecting civil liberties, but to prevent misuse by both our own government and foreign powers.

We are creating a “one stop” collection effort for PLA Ministry of State Security  (MSS) “collectors.”  What PFC Manning can do, certainly the PLA can do.

China to control their citizens makes no pretense about protecting privacy and routes their cellular exchanges through the Peoples Armed Police. Inside and outside of China, PLA collectors try to collect everything important t their interests and their presentation of reality.  This is their constant unrelenting pattern and practice.

We are now quickly making it very easy for them. The issues of cyber penetration by collectors can be very simple; touch one classified secure system and very possibly a spy can touch them all.

Tragically, thanks to a recent and extremely important Washington Post story we now know that PLA cyber attacks to acquire highly guarded information about critical defense technologies have been very successful. Hopefully the US is rapidly addressing that problem and fixing it.




Now a great human tragedy has been identified as playing out in China.

The New York Times just broke one of the most important stories about a successful 21st Century counter intelligence operation by the PRC.

The South China Morning Post gives reporting kudos to NYT and their headline captures the current state of play:

China killed or jailed up to 20 US spies in 2010 to 2012, report says

‘One of the worst US intelligence setbacks in decades’ may have been the result of hacking, code-breaking or betrayal by moles within the CIA

Beijing systematically dismantled CIA spying efforts in China beginning in 2010, killing or jailing more than a dozen covert sources, in a deep setback to US intelligence, The New York Times reported on Sunday.


What has been missed so far is the potential merging of all things in U..S total information awareness electronic files with accurately reported successful breaches by hostile intelligence services. These services can merge data with the next step in counter intelligence technology — facial recognition technology. Merging purloined highly classified information about U.S. Intelligence Community sponsored “collectors” or agents of influence in play inside the PRC with facial recognition technology become a powerful tool.

The PRC may well have deployed automated speech recognition software to screen a large amount of verbal conversations they monitor as well. Already we have seen the use by China of surveillance and facial recognition systems at the 2008 Olympics.

Under Beijing’s seven year, $6.5 billion program called the Grand Beijing Safeguard Sphere, the Chinese government has installed roughly 300,000 video surveillance units around the city, according to a Los Angeles Times article. Included in that project and in conjunction with the video cameras, China has also deployed a face recognition technology in hopes of catching unwanted visitors at the Olympics in Beijing this summer (2008).

Chinese officials are hopeful that it soon will be able to identify individuals out of a moving crowd. While China does have legitimate concerns over watching for Chinese critics and activists as a recent attack killed 16 police officers, Western security experts fear that China is pushing the envelope.

In addition to video surveillance, there are reports of the Chinese Government monitoring and controlling internet access, monitoring hotels and taxis, and employing ordinary citizens as snoops for suspicious behavior.


During the run-up to the Beijing Olympics, a system of monitoring cameras that combined the optical TV scanners with facial recognition software and a database of known terror suspects was initiated. The system was designed and able to flag people and issue alerts in near real time.

As usual, the PLA in reaching out globally would demand that the technology transfer would include database of known terrorists.

It is unknown how far the transfer of any database would have been allowed.

And such merging of data is indispensible to the kind of activity reported by the New York Times by the Chinese counter intelligence services.


Bookmark this article.

Leave a Reply

Your email address will not be published. Required fields are marked *