Security Data-Mining And Other Forms Of Witchcraft

At what point do science and magic converge? And what are the potential costs?

Matt Bernius · · 42 comments

Yesterday, as part of an editorial in support of the NSA surveillance programs, the Wall Street Journal wrote:

From what we know, the NSA runs algorithms over the call log database, searching for suspicious patterns over time. The effectiveness of data-mining is proportional to the size of the sample, so the NSA must sweep broadly to learn what is normal and refine the deviations. […] We bow to no one in our desire to limit government power, but data-mining is less intrusive on individuals than routine airport security. The data sweep is worth it if it prevents terror attacks that would lead politicians to endorse far greater harm to civil liberties. [mb: emphasis mine]

As I read it, the author is saying that security data-mining promises that, by collecting enough data, and running the right algorithms on it, we will not just be able to catch terrorists after the fact, we will be able to predict what will occur and prevent it from happening.

This promise is nothing new. Science Fiction authors like Phillip K. Dick have been toying with the implications of this possibility for decades. In fact, this type of promise goes even further back. Thinking about it as an anthropologist, I see the promises we find in predictive, scientific technologies as being closely related to the promise that so-called “primitive” peoples placed in magic.

To paraphrase one of the most famous passages of E. E. Evans-Pritchard’s seminal ethnographic work Witchcraft, Oracles, and Magic among the Azande, the Azande tribe in Southern Sudan use magic not to explain why a granary fell, but to explain why a granary fell on a particular person. The Azande understand all the practical reasons why a granary might fall: its old, rickety, termite infested, etc. They knew it was going to fall sooner or later. But what they cannot explain is why it picked a specific moment to fall. And why did it fall when one person was shading under it instead of when someone else was underneath it? That’s where magic comes in.

Evans-Pritchard writes:

To our minds the only relationship between these two independently caused facts [the granary collapsing due to old age, and it collapsing onto certain people shading beneath it] is their coincidence in time and space. We have no explanation of why the two chains of causation intersected at the certain time and in a certain place, for there is no interdependence between them. […] Zande philosophy can supply the missing link. The Zande knows that the supports were undermined by termites and that people were sitting beneath the granary in order to escape the heat of the sun. But he knows besides why these two events occurred at a precisely similar moment in time and space. It was due to the action of witchcraft. If there had been no witchcraft people would have been sitting under the granary and it would not have fallen on them, or it would have collapsed but the people would not have been sheltering under it at the time. Witchcraft explains the coincidence of these two happenings.

Evans-Pritchard: Witchcraft, Oracles, and Magic among the Azande. p69-70

The Azande believe that the reason the granary fell on those particular people, at that particular time, was because a witch cast a spell. For the Azande, and many other tribal people, magic becomes a way of explaining the radical contingency of life. And, to one degree or another, magic also enables the user to arm herself against contingency. Spells and charms are used to protect the wearer from other spells and charms — to ensure that the granary doesn’t fall on you.

The more and more I think about the promises of data-mining and security, the more and more I find myself thinking about magic. In particular, I keep returning to the Azande’s use of magic to connect and control seemingly random events in order to make the world a safer and less contradictory place.

For the western world, it’s harder to think of something more contradictory than an act of terror. On the one hand, acts of terror have a certain unpredictable randomness to them — why this year’s Boston Marathon or the Twin Towers on that particular day? At the same time, because the perpetrators are seen as part of larger networks of human activity, acts of terror also strikes us as something that should be entirely preventable – they only happen because of breakdowns in intelligence or policing.

Further, one can even argue that due to the spectacular and often symbolic nature of terrorist strikes in the West — often perpetrated against national targets or on days of significance — there is a certain “magical” aspect to them. Like a spell, the function of the terror strike is not only to attack the people at the scene, but the psyche of a nation — or social/ethnic group as a whole. It’s at once physical and metaphysical.

Hence we reach the promise of security data-mining: if we collect enough ingredients (data records) and if we say the right incantation over them (algorithm code), then we will be protected. Through magic, we can know when existential evil will strike; we can prevent the granary from falling upon us.

To be clear, in comparing the use of data-mining for security purposes to Azande magic, I’m not saying that data-mining isn’t an effective tool. There is significant evidence to suggest that it’s worked in the past. It’s a perfectly rational system.

That said, if you were to ask one of Evans-Pritchard’s Azande about the efficacy of magic, they’d produce evidence as well. That’s the think about systems, from an insider’s view they typically appear rational. Standing on the outside, you tend to see things a little differently. And that’s what we gain from thinking about security data-mining through the lens of magic: an outside perspective. It gives us an opportunity to think about some of the underlying reasons we are trading privacy for security – or rather the promise of security.

In other words, how much of our support for these activities is based out of a hope that they will protect us, rather than their actual ability to do so? And what are we paying into the system in return for that hope? Magic always has a cost.

Considering that the revelations about the NSA come the same week that the Supreme Court ruled that taking DNA samples is akin to taking a fingerprint, it seems to me a good time to pause and think. After all, how far separated are our phone, credit card, email and social media records from our DNA and fingerprints? They are all the marks we leave on the world. At what point does it begin to make sense to start scanning those records for evidence of other criminal acts? Consider the question Adam Weinstein asked last night:

Side note, obviously, but I guess I just wonder: If NSA has this massive capability, how are there still any child pornographers at large? — Adam Weinstein (@AdamWeinstein) June 7, 2013

Update: Another parallel worth noting between magic and algorithms is that in both cases, much of their efficacy is based on secrecy. As Marcel Mauss points out in A General Theory of Magic, the reason a witch/sorcerer/warlock/shaman is needed is because they possess secret, expert knowledge necessary to make the spell work. The person availing themselves of the service is not able to always see the spell being cast. And even when the casting happens in front of people, there’s always something necessarily hidden from the participants. So everything hinges on one’s faith that they found a “real” shaman, versus a fraud (and most people acknowledge that there are only a few “real” shaman out there).

Likewise the algorithm is always secret. Even in the case of Google Search, it’s always about reverse engineering how it works. The rational is that we cannot learn about the inner workings of the security system because revealing those workings will undercut the entire system. Granted, when it comes to data-mining algorithms, the argument seems pretty cut and dry.

Still accepting that rational — to see it is to destroy its ability to protect us — also means that we are dealing with a black box and need to trust our experts that things are working correctly. And to some degree it moves away from the realm of scientific proof and back into a space of “faith.”