Posts

How to Develop a Critical Database People Will Trust

New economy opportunities for trust come from the ability to create, access and share databases about people. And of course one of the largest risks to the use of large databases is the consequence of getting it wrong.

Sometimes getting it wrong can have trivial consequences—a wrong phone number. Or, the consequences can be serious, even fatal—wrong data in a medical report, or evidence in a capital case.

What’s the best way to ensure clean data? Is it cross-checking databases? Multiply redundant systems? Multiple data-entry? Random audits?
Some of us frequent travelers recall being caught in a false-negative trap a few years ago at the airports: being pulled out of line in security checks because our names were somehow linked to terrorism.

There were thousands of these cases, I recall. I was one, and it took several months to clear it up. It was annoying, though I confess to some small measure of pleasure at the notoriety, as long as it didn’t go on too long.

Fixing the list of terrorists: now, that’s one database worth getting right. And worth looking at how they did it.

Timothy Clark is Editor and President of GovernmentExecutive.com, which produces several informative newsletters about the federal government.

Recently, Shane Harris wrote about Making a List.
 

The FBI’s Web site describes the Terrorist Screening Center as an "anxious" place, full of "serious faces — like you see at NASA’s Mission Control right before a launch."

"The TSC is essentially a call center, handling queries from law enforcement, security and intelligence agencies all asking the same basic question: Is the guy we just stopped at the border or pulled out of an airline queue, a known or suspected terrorist? The FBI calls it "one-stop shopping."

"The TSC was established to consolidate the dozens of so-called terrorist watch lists that proliferated across government before and immediately after the Sept. 11 attacks. …how it was created gives you a good idea of how difficult information sharing really is, and what intelligence agencies face today as they struggle to get on the same page.

"Who decides what names go on the list? Settling that question was one of the TSC’s first challenges. The agencies with a stake in the list all had their own way of handling information, and each had different ideas about names they wanted to add.

"The screening center laid out some basic criteria for adding a name. First, an individual had to have some demonstrable nexus to terrorism. An agency couldn’t just tell the center, "trust us," Bucella said. Every day, the TSC would get an upload of 300 to 500 names. Those weren’t all new; some included updated information about existing names. But the pace was relentless.

"Perhaps inevitably, then, people who shouldn’t have been on the list ended up there anyway. It wasn’t uncommon to drill down on a name and discover that someone an agency had encountered wasn’t actually the person on the list, even though the two shared the same name, Bucella said. But when the TSC did get a hit, day or night, officers would contact the person who had added the name.

"… building and maintaining the watch list is more of an art than a science.  But that’s to be expected from such a subjective endeavor. The consolidated watch list is, in its own right, a legitimate bureaucratic success. But how it was built and how it is maintained lets you in on one of the hard realities about sharing intelligence and hunting for terrorists: Mistakes are unavoidable.

Digital systems can never be fully insulated from the analog world.  Trust can never be fully automated. 

That doesn’t mean digital approaches to trust aren’t valuable; it just means they’re not omnipotent.