Q&A: Former FBI Counterterrorism Agent David Gomez On PRISM, Intelligence, And Data Mining

Does PRISM solve the wrong problem?

The National Security Agency spying program known as PRISM is a huge deal. Accessing private information from nine major internet companies, PRISM gives intelligence agencies a veritable sea of information to sort through in their attempts to discover the next threat. Meanwhile, the NSA collected phone records for millions of Verizon customers following the Boston Marathon bombing, assembling a vast pool of data to mine in the hopes of uncovering accomplices of the bombers.

To figure out what all this means, I chatted with David Gomez, a former assistant special agent-in-charge and counterterrorism program manager with the FBI. Gomez now runs HLS Global Consultants, a risk-mitigation consulting firm.

As I understand it, “intelligence” involves gathering information before a crime has been committed, while “investigation” involves collecting that same information as evidence afterward. Is that accurate?
Sort of. Criminal intelligence and evidence are sometimes collected at the same time. All evidence is intelligence, but not all intelligence is evidence. However, in the national security world, intelligence often precedes evidence. Intelligence is often the marker that will lead to a domestic criminal investigation.

Is open-source intelligence used by the FBI? If so, how?
Of course. Both the FBI and local law enforcement use reporter’s stories to develop intelligence about non-national security crimes, or, as in the Snowden case, possible espionage. With the advent of the internet, law enforcement intelligence analysts the world over review open-source databases for information and intelligence of “lead” value.

A common criticism regarding pre-9/11 intelligence is that the U.S. had the information, it just failed to put it all together. Do you think a data-mining suite, with the kind of access PRISM grants, would help combat this problem?
FBI Director Robert Mueller has made that argument in testimony before Congress. But I think that is probably overstating the value of large-scope database mining for intelligence. All the dots and data in the world become a puzzle to put together, where you don’t know the picture and you are not sure how many pieces are in the puzzle. Plus, you have to put it together upside-down.

Is too much information ever a problem in a case?
In a case? No. But too much information can be a problem in trying to determine what is significant in a national security problem, which is meant to inform policymakers, rather than convict someone in court. Too much data can confuse the issue for analysts.

Is the problem facing U.S. intelligence more a dearth of information or a lack of adequate analysis?
The problem facing U.S. intelligence is too much information, along with the question of how to utilize the wealth of information that is being generated daily about our private lives. That information is being collected and saved, not by the government, but by private industry, with our consent. The essential and controversial problem is how to get access to and how to then use the information legally.

In your experience, are there ever incentives to gather and report unnecessary information, perhaps as a bureaucratic face-saving strategy?
In my experience, new analysts often produce unnecessary reports that are often the regurgitation of information that is already reported elsewhere, out of a need to produce intelligence reports. These are time consuming for a manager to read and review, only to realize that there is nothing really new in the report. But the opposite is also sometimes true. Often information is not reported as intelligence because there is already open-source reporting. But often the open-source reporting will miss the intelligence and law enforcement significance of the data. It is the analyst’s job, in my opinion, to make the data relevant to the reader.