February 11, 2013, 1:56 PM — You know those thousands of stories people like me have written about how Facebook, Twitter, Foursquare and their various social media cousins are like a gift that keeps on giving for the International Surveillance Industrial Complex?
Turns out we were right (of course). Yesterday, the UK’s Guardian published a video created by Raytheon, one of the world’s largest defense contractors, showing a tool it developed that could mine multiple social networks and “gain an entire snapshot of a person's life – their friends, the places they visit charted on a map – in little more than a few clicks of a button.”
The tools is called Rapid Information Overlay Technology – RIOT for short. The video shows Raytheon principal investigator Brian Urch giving an online demo showing RIOT’s ability to track a Raytheon employee named Nick across the country using just the photos he’s posted to social networks.
Essentially, RIOT scans Nick’s posts for the longitude and latitude data embedded within photos to map his trail across the southern US. It also tracks his Foursquare check-ins. For example, we know Nick likes to hit the gym early most mornings. "So if you ever did want to try to get hold of Nick, or maybe get hold of his laptop, you might want to visit the gym at 6am on a Monday," Urch says in the video.
The $25 billion defense contractor denies selling RIOT to any clients, and says it’s just a “proof of concept.” On the other hand, Raytheon just received a patent for RIOT. According to a June 2010 company press release:
… Raytheon's rapid-information overlay technology for extreme-scale analytics is being shared with industry and government in an effort to create an interoperable service platform for developers and analytics suppliers… [the company] is leading efforts with industry, national labs and commercial partners to build a new analytics system that readily scales to trillions of entities.
Because the video tracks a Raytheon employee – who presumably knew about it and gave his permission – it’s unclear how much data the spooks could gather about another citizen who’s unaware of the tracking, how much RIOT relies on publicly available information, or whether the spy needs to be within your circle of friends to obtain this level of detail.
Raytheon responded to the Guardian’s story thusly:
"Riot is a big data analytics system design we are working on with industry, national labs and commercial partners to help turn massive amounts of data into useable information to help meet our nation's rapidly changing security needs.
"Its innovative privacy features are the most robust that we're aware of, enabling the sharing and analysis of data without personally identifiable information [such as social security numbers, bank or other financial account information] being disclosed."
Well, maybe, but that’s not what that video showed. And really, the notion that a) spooks will use RIOT to identify potential terrorists and other threats via their social media activity but b) someone fail to obtain their personally identifiable information? The technical term for that is bullshit.