Building a New Watchlist System

A better watchlist should be dynamic and risk based

Watchlists came into the spotlight again last week when Gordon Brown, the UK Prime Minister, announced to the House of Commons a series of measures to strengthen UK security. In his statement, he explained:

“I can announce today that as well as extending our Watchlist we intend - for the first time - to use the Watchlist as the basis for two new lists: first a no-fly list and second a larger list of those who should be subject to special measures including enhanced screening prior to boarding flights bound for the UK. We will use the new technology we have introduced and our partnerships with police and agencies in other countries to stop those who pose the greatest risk from travelling to this country.”

Mr. Brown outlined the expansion of the UK watchlist and the creation of a no-fly list and larger list of those who should be subject to special measures. This move essentially mirrors what the US has done with the “No-Fly” list and “Selectee list.”

We talked about watchlists a little in an earlier post when President Obama called for a review of the watchlist system.

Perhaps more important than creating a tiered system of lists (which is what the US has and the UK will now have) is the means by which someone gets added to or removed from a list, and the generally static nature of the lists themselves.

If I were president of my own country and I wanted to build a new watchlist system, I would require the system to have two key characteristics:

Dynamic

Data should be the best quality possible going in. Before someone goes onto a list, you should be able to discover as much as possible about that person. As they are added to the list, they should be compared to other entities on the list. Doing so should resolve the person with someone already on the list, or create relationships with other persons already there.

Information should be constantly poured into the list to improve the quality of the identities and relationships discovered. By “stimulating” the list with new information, we hope to move persons to a higher-tier list or identify candidates to flush out of the list.

Entity resolution will be used to help these processes, both as a data quality monitor at the front of a list and also as the engine of the list itself to consume new information, connect persons on the list, and update itself.

Risk-Based

Being dynamic with an entity resolution core, the list now has some entities and relationships that are better known than others. There are identities on the list that have a higher score (e.g., probability of intending harm) than others on the list, but we just don’t know enough about them yet to put them on a higher-tier list.

In this case, a watchlist can work somewhat like a credit score, in that the privilege a person is requesting determines the answer. A person may be able to open a new credit card with a low credit score, but they certainly won’t be able to take out an auto loan on a new Ferrari.

Likewise, a person may be able to take a domestic commuter flight (i.e., not on the no-fly list) but they certainly wouldn’t be able to take an international flight from an airport with weak screening (i.e., on the no-fly list because of the risk).

Related, but perhaps most importantly, my watchlist system would not be tied to one particular request.

The Selectee List and No-fly List are pretty much tied to aircraft travel. Generally speaking, the “no-fly” list would become a “can they do it” list. Can this person fly, ride a train, take a bus, enter a government building, etc.?

This isn’t meant to stifle commerce and transportation but rather, to borrow an information security term, be inclusive of the entire “attack surface” of my country.
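The two characteristics above can be sketched together in a few lines. This is an added example, not code from the original post: the matching rule (similar name plus same date of birth), the shared-phone relationship, the 0.85 and 0.5 weights, the privilege names and the thresholds are all assumptions chosen for illustration.

```python
from dataclasses import dataclass, field
from difflib import SequenceMatcher
from typing import Optional

# Constructed values, not from the post: highest risk score allowed per privilege.
MAX_RISK = {"enter_building": 0.8, "domestic_flight": 0.6, "international_flight": 0.3}

@dataclass
class Entity:
    dob: Optional[str]
    names: set = field(default_factory=set)
    phones: set = field(default_factory=set)
    related: set = field(default_factory=set)  # ids of linked entities
    risk: float = 0.0

def name_sim(a, b):
    """Similarity of two names, ignoring case, commas and token order."""
    norm = lambda s: " ".join(sorted(s.lower().replace(",", " ").split()))
    return SequenceMatcher(None, norm(a), norm(b)).ratio()

class Watchlist:
    def __init__(self):
        self.entities = {}

    def ingest(self, name, dob=None, phone=None, risk=0.0):
        """Resolve a record to an existing entity or add it, then link by shared phone."""
        eid = next((i for i, e in self.entities.items()
                    if dob and dob == e.dob
                    and max(name_sim(name, n) for n in e.names) >= 0.85), None)
        if eid is None:  # nobody on the list matches: create a new entity
            eid = len(self.entities) + 1
            self.entities[eid] = Entity(dob)
        e = self.entities[eid]
        e.names.add(name)
        e.risk = max(e.risk, risk)
        if phone:
            for oid, o in self.entities.items():
                if oid != eid and phone in o.phones:  # shared attribute: relate
                    e.related.add(oid)
                    o.related.add(eid)
            e.phones.add(phone)
        return eid

    def effective_risk(self, eid):
        """Own score, or half the highest score among linked entities (assumed weight)."""
        e = self.entities[eid]
        linked = max((self.entities[r].risk for r in e.related), default=0.0)
        return max(e.risk, 0.5 * linked)

    def may(self, eid, privilege):
        return self.effective_risk(eid) <= MAX_RISK[privilege]
```

Ingesting a later record that shares a phone number with a high-scoring entity changes the answer for an international flight while the domestic answer stays the same, which is the "stimulating the list" effect described under Dynamic.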

Many privacy advocates and the media in my country seem to love aspects of my new proposed watchlist system. It keeps “regular” people private and out of the system and it matches the level of security to the level of the threat.

