Traffic Analysis 101: During the Cold War, military and diplomatic communications security was enhanced by sophisticated coding technologies. No longer was it possible to “break” an enemy’s codes and be able to read everything that the enemy communicated. Other techniques had to be developed in order to exploit the vast communications networks that supported military, diplomatic, and terrorist organizations. One of those techniques, Traffic Analysis, does not look at the contents of messages. Instead, traffic analysts focus on who is talking to whom, for how long, and how often. Traffic analysts can build a command and control model of a potential enemy’s organization, determine where the “brains” are, speculate about where the “action” is or will be, and even predict methods and time frames of such actions – all without reading a single message. In order to be effective – to be able to detect troop movements, financial money transfers, terrorist planning activities, and other activities of interest – traffic analysts must have a comprehensive picture of what the “normal” communications network environment looks like. That requires a continuous and complete collection of all communications activities of target organizations. Once the “brains” and other key operatives have been identified, permission from the FISA Court, if necessary, to employ other techniques, such as wiretaps, can be sought.
Traffic Analysis is the method of discovery when other more invasive techniques are technically or legally impossible. If traffic analysts are forced to analyze only the communications of those individuals who are already known, their time is being wasted.
The current cell phone metadata collection effort of the NSA – the one Mr. Snowden is so upset about – is merely the latest in a long history of valuable traffic analysis studies the agency has performed over the 50-some years it has been in existence. A unique problem of the cell phone network is that the communications networks of potential enemies and terrorist organizations are embedded within worldwide civilian cell phone traffic. Terrorist calls are not made on separate identifiable communications networks. They must be identified within the larger environment of cell phone communications. Statisticians would call this looking for the “signal” within the “noise.” If the agency is limited, the terrorist signal becomes increasingly hidden in the noise – and may go undetected.
You and I will never know how effective such efforts have been – because to reveal the results destroys the effectiveness of the effort – as Mr. Snowden has done with the cell phone metadata program.
For years the NSA has performed this important intelligence gathering and analysis function and has provided federal government organizations with critical intelligence data. That power has NOT been abused. Most people had never even heard of the NSA until last year. Even today, most people will never know how effective the NSA Traffic Analysis programs have been. But now, everybody, it seems, has become an NSA expert.
NOTE: I am a retired Master Chief Cryptologic Technician and the views expressed in this column are my views. They do not necessarily represent the views of the National Security Agency.
This commentary was subsequently published May 27, 2014 in the print edition of the Winona Daily News under the headline: NSA played key role in traffic analysis