/. [The U.S.'s Net Wide For 'Terrorist' Names]
Eugen Leitl
eugen at leitl.org
Sat Jul 8 01:37:51 PDT 2006
Link: http://slashdot.org/article.pl?sid=06/07/07/1812240
Posted by: timothy, on 2006-07-07 19:45:00
Yesterday's report of [1]name-based blocking of money transfers as a
result of U.S. Treasury policies intended to reduce the flow of money
to Middle Eastern terrorists drew more than 800 comments. Western
Union money transfers were at the heart of the linked Associated Press
article, but as some of these comments point out, that's not the only
case of interference in electronic financial transactions based on the
names of the participants, akin to the use of the much-derided no-fly
list. Read on for the Backslash summary of the conversation.
Several readers concentrated not just on the undesirability of
government snooping on money transfers in the first place, but on the
unintended but likely side-effects of heavy-handed government
oversight of conventional money-transfer methods; as the AP article
explained, there are ways to route around large-scale commercial
services like Western Union, including informal networks called
"hundis" or "hawalas." Reader quantaman calls increased control on
conventional money-transfer services "worse than useless," writing:
"From what I can gather from the article this policy is actually
harming security.
... If law abiding people are avoiding official institutions what
makes them think that terrorists are stupid enough to use them?
More than that, by driving additional people to the hawalas it
circumvents existing security measures. For starters, it means that
more money (even the legit stuff) is moving around and they have no
idea where it went. Also the additional people using the hawalas will
mean they are more developed for the terrorists [to] use them.
Additionally, when you uncover a hawala network it will be that much
harder to pick out the terrorists, since you've added all these false
positives. And finally, for the terrorists who would have used
official institutions in the past since it was easy and the hawalas
weren't developed, now you no longer have a money trail you can
inspect later on.
All this security measure does is inconvenience and alientate a whole
bunch of people while making the world a little less safe."
No matter how legitimate the ends to which it will be put, high-handed
interference with the transfer of money isn't popular for other
reasons, too. Reader ColourlessGreenIdeas writes "I know of a charity
that works with (mostly Christian) organisations in the West Bank.
Their usual way of getting money to their partners is to fly into
Israel with a [2]big bundle of money. Otherwise it tends to get
massively delayed by U.S. banks."
(And at least one reader points out reason to suspect that Western
Union in particular might have been [3]willing to turn over
information on its customers even in the absence of Treasury
regulations.)
The Treasury regulations on which the name-filtering is based are
clearly imperfect, but not quite as simplistic as certain comments
painted them. Responding to the claim in the AP article that "Western
Union prevented [taxi driver Abdul Rahman Maruthayil] from sending
$120 to a friend at home last month because the recipient's name was
Mohammed," reader lecithin says "Not true. They prevented him from
sending the cash [4]because his name was Sahir Mohammed. A bit of a
difference. Perhaps a Sahir Mohammed has some links to 'bad guys'?
Well, it happens here in the U.S. too. There are plenty of stories
regarding people being put on the 'do not fly' list due to
circumstances like this as well."
Reader bwcarty, too, calls "FUD" on claims that the list is
indiscriminant or exclusively targets those with Arab names, writing
"I work for a division of a large financial firm, and we are
[5]required to download a list of [6]Specially Designated Nationals
from the Treasury Department and compare names from it against new
accounts and transfers. The list includes lists of suspected
terrorists, and they're not all Arabic (think Irish Republican Army)."
Reader rhsanborn offers a similar account of the regulations and why
they affect one-time transfers so significantly:
"... They aren't blocking people because they have some generic Arab
name. They are blocking people who have [7]names that match the
Federal list of suspected terrorists. As someone mentioned above,
something like Sahir Mohammed. Probably a perfect match for the list.
We too have to run periodic checks against the names in that database.
If a match comes up, we have people individually check other
information to confirm that it is an actual match (e.g. same name,
different birthday).
We have open accounts with these people though, so we have a
significant amount of time to deal with these. Western Union has a
very short period of time because it is a one time transaction that
happens relatively quickly."
Several readers related personal experience with the no-fly list, and
a few pointed out some of its better-known shortcomings, such as a
[8]Soundex-based name database which has the potential to needlessly
flag [9]passengers like Senator Ted Kennedy and the former Sex Pistol
Johnny Lydon (though as dan828 points out, [10]Lydon has never
actually been stopped because of the list).
Many readers denounced as racist the use of common Arab names to
justify interference in money transfers. One response to that claim
comes from reader mrxak, who offers a more innocuous explanation,
namely imperfect information and a limited pool of names, which will
inevitably contain variations of commonly used names. Such a system,
he argues, is therefore based on pragmatism -- [11]not necessarily
racism." Arguing that a similar system would pose just as much risk
for "John Smiths" on the list as for those with Arab names, mrxak
concedes the need for "a better system," and asks "but what kind of
system would work?"
To this, reader eln had a ready answer: "Maybe a system where you
[12]gather a little more information about suspected terrorists other
than their name before throwing them on some sort of list that
prevents anyone with that name from doing all sorts of normal tasks.
... [O]f all of the pieces of information that can be used to identify
a person, his name is probably the one that's most easily falsified.
So, instead of doing some actual police work and gathering some actual
evidence against an actual person, we decide to cast a wide net, and
end up catching a lot of innocent people while actually decreasing our
chances of catching the actual bad guy."
Jah-Wren Ryel's answer to the same question is more radical -- Ryel
suggests that perhaps [13]"none at all" is the best approach. He asks
"What makes you think that any system could work?" Rather than
spending money on elaborate surveillance or other
intelligence-gathering efforts, Ryel says, "spend it on emergency
services instead. ... No matter how many tax dollars you throw at the
problem, terrorism is a tactic that can not be fully countered."
Rather than concentrating on the prevention of terrorist acts, he
argues, the most intelligent use of resources is on "the
infrastructure that minimizes the damage. Better hospitals, better
fire departments, better 'first responder' teams. That way, we get the
benefit of the money spent regardless of if a terrorist blows up a
building or an earthquake knocks it down."
The Israeli response to recurring attacks illustrates that these
approaches may be in large part reconcilable; infrastructure
improvements and intelligence gathering can certainly coexist, details
of their implementation aside. The effectiveness of the pre-emptive
side of any nation's approach to minimizing terrorist attacks, though,
is slightly different from its approach to "fighting terror" in a
broad sense.
On that note, reader karlandtanya describes measures such as the U.S.
policies subjecting what might otherwise be private financial
transactions to automated scrutiny as "[14]effective, but still
unfair," categorizing the use of name-based interference as what Bruce
Schneier has described as "security theater." Karlandtanya writes,
cynically, that in reaction to perceived security threats, "we present
the appearance of security measures. Going overboard and causing
outrage is just part of the salesmanship." To combat terror in a
literal sense, he writes, "[t]he solution is, of course, the
perception of security."
_________________________________________________________________
Thanks to all the readers whose comments informed the conversation, in
particular to those whose comments are quoted above.
References
1. http://yro.slashdot.org/article.pl?sid=06/07/06/1610229&tid=98
2. http://yro.slashdot.org/comments.pl?cid=15668058&sid=190461&tid=98
3. http://yro.slashdot.org/comments.pl?cid=15668360&sid=190461&tid=98
4. http://yro.slashdot.org/comments.pl?cid=15667965&sid=190461&tid=98
5. http://yro.slashdot.org/comments.pl?cid=15668203&sid=190461&tid=98
6. http://www.ustreas.gov/offices/enforcement/ofac/sdn/sdnlist.txt
7. http://yro.slashdot.org/comments.pl?cid=15668462&sid=190461&tid=98
8. http://en.wikipedia.org/wiki/Soundex
9. http://slashdot.org/article.pl?sid=04/08/20/1244205&tid=103
10. http://yro.slashdot.org/comments.pl?cid=15668598&sid=190461&tid=98
11. http://yro.slashdot.org/comments.pl?cid=15668037&sid=190461&tid=98
12. http://yro.slashdot.org/comments.pl?cid=15668209&sid=190461&tid=98
13. http://yro.slashdot.org/comments.pl?cid=15668377&sid=190461&tid=98
14. http://yro.slashdot.org/comments.pl?cid=15668264&sid=190461&tid=98
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
More information about the cypherpunks-legacy
mailing list