Raytheon RIOT software tracks people, predicts future behavior

If you have attracted the “wrong kind” of attention by the government, then the intrusive data-mining analytic software developed by defense contractor Raytheon may be able to figure out your next move before you make it.

Wikipedia explained the “extreme-scale analytics” systems that Raytheon calls Rapid Information Overlay Technology (RIOT). It “allows the user to track people's movements and even predict their behavior by mining data from social networking sites including Facebook, Twitter, Gowalla, and Foursquare. Raytheon claims that it has not sold this software to any clients, but has shared it with US government and industry.”

The software is not “new,” but the video obtained by the Guardian is new to us, the public. In it, Raytheon's 'principal investigator' Brian Urch explained how RIOT software works. He used a Raytheon employee dubbed “Nick” before showing how to use the software to find pictures of Nick as well as where he checks in or has otherwise given away his location. Some of the most disturbing quotes include, “Now we know where Nick’s going; we know what he looks like and now we’re going to try to predict where he may be in the future.” The results showed the top ten places where he has checked in.

After more analysis showed the top time that Nick checked in, the most irritating portion of the video was when Urch said, “So if you ever did want to try to get ahold of Nick, or maybe get ahold of his laptop, you might want to visit the gym at 6am on a Monday.”

"Social networking sites are often not transparent about what information is shared and how it is shared," Ginger McCall of the Electronic Privacy Information Center (EPIC) told the Guardian. “Users may be posting information that they believe will be viewed only by their friends, but instead, it is being viewed by government officials or pulled in by data collection services like the Riot search."

Yet a spokesman for Raytheon's intelligence and information systems department claimed, "Its innovative privacy features are the most robust that we're aware of, enabling the sharing and analysis of data without personally identifiable information [such as social security numbers, bank or other financial account information] being disclosed."

When Raytheon announced RIOT in 2010, the company said the new analytics system “readily scales to trillions of entities.” Steve Hawkins, vice president of Raytheon's Information Security Solutions business, added, "Analytics is the key to outmaneuvering our adversaries in the face of the staggering volume, variety and velocity of information in cyberspace." National security is very important, but trillions?

Snooping on trillions of citizens brings to mind such spying as the NSA’s Perfect Citizen. Raytheon also won that $100 million classified contract. An internal Raytheon email, according to the Wall Street Journal, said “Perfect Citizen is Big Brother.” The difference between RIOT and Perfect Citizen is that the latter “uses sensors deployed on computer networks to detect unusual activity and warn of an impending cyberattack. The NSA claims that Perfect Citizen is merely a research and development program.” Yet EPIC obtained documents on that “suggest the program is operational and confirmed, and that Raytheon was contracted to develop and deploy certain components.”

Regarding RIOT, the Telegraph called it “stalking software” and the Guardian compared it to a “Google for spies,” but RIOT doesn’t seem especially sophisticated for national security; the information is gleaned via social media. If crooks and terrorists are “checking in” on FourSquare, announcing their plans on Facebook, and posting images with Exif data, then they deserve to be called dumb criminals. Such was the case with the hacker who tweeted his FourSquare location after hijacking Ashton Kutcher’s account. I also don't think it shows a complete picture of people's lives, however it might be due for an upgrade which would make it even sneakier. According to a Raytheon patent about "assessing a person's security risk," the method “includes receiving data from a plurality of disparate data sources.”

A little wisdom goes a long way when it comes to social media. Please remember that anything you say or share on social networking sites can come back to bite you at a later date. As much we may wish the data-mining of social networking sites would go away, it's not going to. It's not right and seems like another attack on civil liberties, but big data is all the rage and even more data-mining will reveal even more private details not necessarily shared online in social media. Stop over-sharing or else RIOT can help the government “track somebody in cyberspace” and then sneak in to get hold of your laptop or other mobile device. 

From CIO: 8 Free Online Courses to Grow Your Tech Skills
Join the discussion
Be the first to comment on this article. Our Commenting Policies