Big data in national security
3 Aug 2017|

Big-data analytics and machine-learning algorithms have been key drivers for a number of high-profile developments over the past year. Data was used by Google DeepMind’s AlphaGo first to smash through the AI winter, and then to surpass contemporary development projections by 10 years. Facebook has begun using similar learning algorithms to detect and remove terrorist content and messaging. And the Brexit campaign and Donald Trump’s election as US president illustrated how big-data profiling and algorithmically generated ‘news’ can influence public sentiment.

Today, ASPI released two research publications that will add further granularity to Australia’s public policy dialogue on big data in national security. The research was conducted with the support and sponsorship of DXC Technology, formerly CSC Australia.

The Strategic Insights report, Big data in national security, provides a high-level summary of the concepts, applications and challenges of the use of big data in national security and gives a general and accessible explanation of big data. It concludes with recommendations on how the national security community should best govern its implementation and use of big data.

ASPI’s Big data in national security: online resource provides a more detailed analysis of the key concepts, trends and challenges of this vexing policy issue.

Big data is now widely used, but there hasn’t been a corresponding increase in strategic public policy discussions on how the Australian government should use and manage a big-data capability.

The Productivity Commission’s report on data availability and use provided a welcome start to discussions on how to improve data governance. However, there’s been scant informed discussion on the uses of big data by the national security community.

Instead, media-led discourse has focused on government-mandated ‘back doors’ into encrypted messages and the use of ‘metadata’. Unsurprisingly then, there’s been no public discussion of the limitations of, challenges for and risks from the use of big data. Improving Australia’s public policy dialogue will be an essential step in engendering public trust in the use of big data.

Big data in national security can assist in automatically indexing and integrating masses of unstructured information into a searchable feed. Data mining for knowledge discovery can go through that data to uncover patterns and correlations. Those patterns and trends could then be used in predictive analytics.

Several challenges arise in an age of big data. First, implementing big-data technology and practice is complex and expensive. Second, statistical issues of false-positive and false-negative results, the presence of bias in the data, and the potential for feedback loops mean that aggressive big-data projects will need similarly extensive audit and review functions. Maintaining that level of audit and review may be difficult as analytics programs become less interpretable. Third, reputational risks can arise from big-data analysis that is conducted without rigour and causes harm, as has been the case in the ‘Robodebt’ controversy.

Moreover, big-data capabilities are increasingly available to adversaries outside of the national security community. Hackers targeting Twitter accounts have been able to demonstrate machine-learning algorithms that automatically learn details about targets, tailor a hook of personal interest based on those details, and send automated and highly effective spear-phishing communication.

Adversarial attacks against big-data analysis systems have been shown to destroy the system’s predictive performance. The attacks are able to ‘poison’ the malware detection algorithms used in anti-viruses and to cause autonomous vehicles’ vision systems to misinterpret stop signs and cause collisions. That comes in addition to widespread and ongoing structural erosions to privacy and the security of personal information that have dominated the national security policy discussion.

To effectively manage those challenges, benefit from the use of big-data analytics, and improve public confidence and personal information security, data governance needs to be made more explicit and systematic across the national security community and the wider Australian government.