PRISM: Hut One vs. Hut Two, WWII Era Bletchley Park Revisited

Written by Tom Ewing

As the NSA PRISM e-surveillance project continues to unfold, Tom Ewing brings back images of 1938 code-breakers at the UK’s Bletchley Park. It’s Hut 1 vs Hut 2 and how much spying is too much for you?

aNewDomain.net commentary — The United States government copies and analyzes all the world’s electronic communications. So says whistleblower Edward Snowden, who recently shared with the world the NSA’s top-secret electronic surveillance  program. And now we learn the government is copying info from billions of pieces of snail mail in the United States, too. Makes me think of the WWII era code-breaking center, Bletchley Park. Here’s why.

This copying and data analysis surely makes us safer sometimes — but there’s likely another part of it that probably doesn’t do us any good — and might do all of us some serious harm.

bletchley parkHere’s a tale of two cryptanalysts. One sits in Hut 1, and the other sits in Hut 2. We’ll use the “hut” term as a nod to the valiant code breakers at Bletchley Park during WWII, pictured at left. Courtesy: Wikimedia Commons.

Most folks in the U.S. probably have few issues with Hut 1.  Hut 2 is a different story.

The team in Hut 1 busily tracks all communications in the orbit of specific groups of suspected terrorists. Assume there are four suspects at the moment – Mick, Keith, Ronnie and Charlie. We’ll use Rolling Stone names because a different Mick once bankrolled a film about Bletchley Park called “Enigma”(2001). 

At any rate, these particular miscreants are planning to drive a truck bomb into an elementary school located in some heartland city like Terra Haute. Federal agents could already arrest them, but they would first like to know as much as possible about this little band, including its funding sources, controllers, sponsors, fellow travelers, and so on. And the best way to do this is to copy and analyze all of their communications — classic signal intelligence since at least the days of Bletchley Park.

It’s not easy to object to Hut 1 in a way that would convince very many folks, at least in the U.S. and probably not in any country that’s experienced a serious terrorist attack.

Let’s assume further, and this is not an unreasonable assumption, that Hut 1 contains someone like Army Warrant Officer Kellie whose job it is to separate out communications between Mick, Keith, Ronnie and Charlie that are completely innocent — like email to dry cleaners about laundry where terms “dry cleaners” and “laundry” are not code words for anything at all.

Warrant Officer Kellie hails from McAlester, Oklahoma and is proud of her job hunting down terrorists, and she takes all of her training about protecting innocent people really seriously. Her blood boils when she reads stories about the government snooping on private emails and how our civil liberties have been compromised because she knows that her team honors the privacy of citizens.

She’s sorry that her high security clearance prevents her from telling her friends back home about how careful the team in Hut 1 is with the communications data that they collect.

When the feds round up Mick, Keith, Ronnie and Charlie, good soldier Kellie will feel that her work has been worthwhile, and her chest will justifiably fill with pride. And honestly, it’s not difficult to agree with her.

No one should be allowed to drive a truck bomb into an elementary school, right?

And then there’s Hut 2.

Hut 2 boasts a different set of gear than Hut 1. The staff of Hut 2 is significantly more educated than the staff of Hut 1. In fact, the guys in Hut 2 consider themselves to be members of the next Los Alamos dream team of science wizards, and they’re probably not too far off the mark.

Apart from extraordinary abilities in mathematics, the team’s leader, who we’ll call Dr. Ian, probably speaks at least five languages fluently and plays two instruments as good as most professional musicians. He’s a well-rounded genius.

Hut 2 is more secret than Hut 1. Even Warrant Officer Kellie doesn’t know what goes on in Hut 2. The Hut 2 guys seems a little aloof to Warrant Officer Kellie. She assumes, incorrectly, that their mission is the same as hers.

She’s wrong.

Hut 2’s mission is nicknamed the Needle in the Haystack Project. Hut 2 is developing extremely sophisticated algorithms that aim to sift through all the world’s communications and spot “targets of interest” not presently known within the intelligence community.

So assume there’s another terrorist group made up of George, Paul, John and Ringo. This group isn’t one known to the security services. Hut 2’s mission is to find all such groups not previously known.

Hut 2 is far more difficult to defend than Hut 1.

First of all, there’s the issue of the extent to which Hut 2 can achieve its goals technically.

If Hut 2 scans all the world’s electronic communications for say, “bomb,” then it’s going to need enough smarts to separate out communications related to people talking about a terrorist attack they heard about on the news, people talking about a movie that wasn’t very good, people talking about a type of cake they want to buy at the local bakers, etc.

And as Warrant Officer Kellie would tell you, the odds that terrorists would actually use the word “bomb” rather than a code word that means bomb are pretty slim. It goes without saying that Hut 2’s budget is significantly larger than Hut 1 since Hut 2 is a bona fide research project.

Second, let’s assume that you’re scanning the entire world’s electronic communications looking for patterns of code words that might equate to some form of crime. That would be quite a difficult task, wouldn’t it?

Hut 2 might want to tackle first something simpler like scanning all the world’s communications looking for code words that would be indicative of a forthcoming bombing. This is still a significant challenge – just imagine something simple like sorting through all the world’s emails from a single day looking for code words related to a bombing. That’s sorting out “Your Amazon order was mailed on Tuesday,” meaning your Amazon order actually was mailed on Tuesday, from “Your Amazon order was mailed on Tuesday,” meaning “Explosives will be placed in the designated place on Monday.”  In short, the team would have to analyze every communication to see if it contained code words for terrorist activity.

Of course, the task can be somewhat simplified through the use of metadata – in this context, that’s a fancy word for “profiling.” But even this approach can’t eliminate all the ambiguity. Assume we’ve used metadata to focus on potential suspects located in Alabama. This won’t help much with distinguishing between “I’ve got two tickets for Saturday’s ‘Bama game,” and “I’ve got two tickets for Saturday’s ‘Bama game,” but it’s code for “I’ll have two petrol bombs ready on Saturday.”

I suspect it might even be possible to prove mathematically that the inherent ambiguity problems in sorting through random communications could never be solved where the communications have been minimally coded and the parties sending the communications are not ones previously bounded by any sort of watch list.

Third, the potential for political abuse from Hut 2 is enormous. We Americans like to think of our political system as historically unflawed. But that’s the Disney version of our history, and we all know it.

Imagine that Hut 2 had been available to Nixon during the Vietnam War protests. The President could have ordered Hut 2 to search for messages that would be typical of a prospective member of an antiwar organization.

Unlike Hut 1, Hut 2 can look high and low for anything and everything that matches. With luck, Hut 2 could direct authorities to round up, or at least harass, prospective antiwar demonstrators before they had a chance to join any antiwar organized group.

Fourth, the government has a tendency to encourage the development of civilian analogues to military programs. So, imagine a “technology transfer” involving the coolest stuff from Hut 2 — Hut 2’s data collection and metadata analysis gets licensed to a collection of civilian entities.

For example, a health insurance risk profile organization could set about analyzing electronic communications for evidence of disease and illness, and set about limiting or terminating policies before the insureds had a chance to visit the doctor. If their condition turned out to be a minor one, then the policy could be reinstated just as easily as it was curtailed.

The program could also search for evidence of smoking and drinking in electronic communications among insureds and raise premiums. Some non-smokers might be cheering now, but the same program could also look for evidence of fat and sugar consumption and make premium adjustments accordingly. In other words, if you’re not living like a Puritan, your policy is subject to “adjustment.”

Similar systems could be designed for religious organizations to test the faithfulness of their followers.

If Hut 2 achieves its Manhattan Project-like aims and develops a tool that can sift through all the world’s communications to isolate those communications that “we” don’t like (where “we” is subject to definition) … then Dr. Ian at the moment of his greatest technical achievement might likely go all Oppenheimer-ish and suddenly see the moral implications of his work, reel back in horror, and only afterward say something like:

Now I am become Death, the destroyer of worlds.”

Do we really want to be looking at “everything” for “anything”?

For aNewDomain.net commentary, I’m Tom Ewing.

Based in the U.S. and Europe, Tom Ewing is an intellectual property strategist and attorney who advises the United Nations agency WIPO on patent issues, lawsuits and strategy. He also is a senior editor and a board member at aNewDomain.net.