U.S. Special Operations Command has apparently found that Twitter and other social media sites, as well as publicly available data collections, can help disrupt terrorist finance networks.
The Tampa-based command investigated those techniques last year during a “six-part experiment” called “Quantum Leap,” according to an 18-page draft “after-action” report obtained by the Federation of American Scientists and released on its website Tuesday.
Unlike data mining programs used by the National Security Agency and revealed to several media organizations by Edward Snowden, Quantum Leap, which took place over eight days in August of 2012, used publicly available information.
What happened with the experiment remains unclear. Socom spokesman Army Maj. Robert Bockholt said “the project was defunded and no final after-action report was produced.”
The draft report, he said, “has a number of errors in it.” He could not elaborate by Thursday afternoon.
In the experiment, Socom’s National Capitol Region headquarters, along with dozens of government officials, software developers and data industry representatives, met in a Defense Department facility outside of Washington, D.C. to find ways of using social media and publicly available data collections to stop the flow of money to terrorist organizations from a complex money laundering network, according to the report.
Quantum Leap used a scenario based on a real money laundering investigation to find ways to “exploit the human, commercial and information networks associated with the money laundering case,” according to the report.
The network helped hide transactions by filtering the flow of money through shell corporations, masked ownership, large numbers of individuals, layered transactions, and bank secrecy havens like Switzerland. It was aided by registered agents, attorneys, accountants, limited liability corporations, and family members and close friends of the key participants, according to the draft report.
“Overall, the experiment was successful in identifying strategies and techniques for exploiting open sources of information, particularly social media, in support of a counter threat finance mission,” according to the report.
One of the “most heavily used specialized tools” employed during the Quantum Leap experiment was a program called “Social Bubble” which “summons data via the Twitter API to display Twitter users, their geographic locations, posted Tweets and related metadata.” The program was developed for Quantum Leap to be used with a geospatial information system program employed by Socom and other government agencies called Raptor X, which can import, exploit and display different data.
Social Bubble “enabled identification of various entities, people, businesses and locations associated with the money laundering network,” according to the report.
Quantum Leap also made “heavy use” of open-source information and social media, including publicly available personal identifying information, blog postings about the network and its members and publicly reported data about companies, banks or other entities associated with the network.
“More than 200 additional open-source tools and sources were identified relevant to counter threat finance,” according to the report.
The report found the “pronounced utility of social media in exploiting human networks, including networks in which individual members actively seek to limit their exposure to the internet and social media.”
However, while touting the effectiveness of the experiment, the report also raised questions about laws governing social media.
“Legal review of the appropriate use and application of social media is in its infancy,” according to the report. “Social media is transforming notions of privacy and distinctions between personally identifiable information and self-reported public information will have to be established by precedent in case law.”
Socom spokesman Bockholt said it is important to understand that Quantum Leap did not involve any active investigations.
“No product resulted from the experiment,” he said. “There was no information gathered on individuals or organizations and nothing that could be used by law enforcement.”
Quantum Leap “was an experiment in developing a process and procedures for building an environment for interagency collaboration,” said Bockholt. “The only take away was there needs to be additional work on building an interagency collaborative environment.”
Socom’s first director of intelligence, who is now the president of the Florida chapter of the American Civil Liberties Union, said he has concerns about military involvement in domestic law enforcement and the margin for error in identification.
“I look at this with two hats,” said Mike Pheneger, who helped develop intelligence-gathering programs for Socom. “One hat says this is a very interesting development. But with my ACLU hat, I say two things. One is potentially disturbing from standpoint from the maintaining of individual privacy in the U.S. and the second is the lack of legal guidelines and oversight how to begin to use tools like this.”
Pheneger said he is troubled by the blurring of lines between the military and law enforcement raised by Quantum Leap.
“As a civil libertarian, I am concerned about posse comitatus,” law preventing the military from taking part in domestic law enforcement actions, said Pheneger. “Where does the line between domestic law enforcement and the involvement of U.S. military, special operators or otherwise, begin to start? It is kind of strange.”
When he headed up Socom’s intelligence operations between 1987 and 1990, Pheneger led the development of a program called SOCRATES, an intelligence network management system, which he said was “designed to access all the intelligence and improve the ability to process information,”
The military, he said, “is probably leading a lot of development along the way” of programs to mine open-source materials, But “the possibility of them doing what they say they can do has a lot of margin for error in identification. It strikes me that the possibility for mistakes is fairly significant.”
Steven Aftergood, director of the project on government secrecy at the Federation of American Scientists, said he is not opposed to the experiment, but wants to know more.
“I don’t object,” said Aftergood, whose organization is an independent, non-partisan think tank dealing with national and international security issues. “I want to understand it better. It shows some cleverness and initiative on the part of Socom. The prominent role of industry is a concern. If the data mining tools are in the private sector, they are beyond effective oversight and that is a subject of concern.”
Quantum Leap shows just how much information is publicly available, Aftergood said.
“Their conclusion is that there are benefits to the use of software tools to extract valuable information from social media,” said Aftergood, who was given the report by someone he would not identify who handed him a manila envelope “That is an interesting finding by itself. You don’t think of Twitter or Facebook as an obvious tool for combatting money laundering, but they are saying there is value there.”
The experiment “is a reminder of how the privacy environment has shifted,” said Aftergood. “Things that we used to take for granted about personal privacy have become largely obsolete as more and more information goes on line. That’s partly a cultural and partly a generational thing.”
Aftergood was also quick to point out the difference between Quantum Leap and the PRISM and XKeyscore programs revealed by Snowden, an NSA contractor hired by Booz Allen Hamilton who has been charged with espionage and is now under temporary asylum in Russia.
“With the NSA, they had to capture information from industry providers, cell phone, Facebook and other services,” said Aftergood. “Quantum Leap is talking about information that is there for anyone to use if they know how to make use of it.”