Do Railhead right or don't deploy until it IS right

"Hell is full of good intentions or desires."  -- Saint Bernard of Clairvaux (1091-1153).

As you may know, I recently was the subject of much ongoing wrath over a past Computerworld blog regarding the use of the word "waterboarding."  So this blog may surprise some of you when I say the time is nigh to either fish or cut bait with the Federal government's superdatabase project for collecting and analyzing suspected terrorist names, places, safe houses and favored methods of killing, called Railhead.  From the AP story:

At issue is Railhead, a software upgrade to the Terrorist Identities Datamart Environment, which is a vast database of names that feeds the nation's terrorist watch list. It is meant to help analysts "connect the dots" between known or suspected terrorists and their contacts, potential targets and safe houses. As of January, the database contained 500,000 names. The upgrade was supposed to be completed by the end of this year.

But the House Science and Technology investigations and oversight subcommittee said  that the program "has been imploding for more than one year," citing internal program documents and e-mails obtained by the committee.

Railhead is now estimated to have reached a $500 million milestone, and Congress is ripping mad about the project's largesse and interminable delays.  But there is something much more valuable at stake; something much more potentially dangerous than not completing the project.

And that is completing the project sloppily and incorrectly.

I recently had the opportunity to watch the film Rendition.  For those unfamiliar with the motion picture:  An American of Arab descent is whisked off a flight to Washington, DC and is flown to the Middle east as part of the factual "extraordinary rendition" program.  The theory is that torture cannot be done within the Uinted States, but those little details are of no consequence in certain foreign nations friendly to the United States and the industrialized West, including Great Britain and Germany. 

So this poor man, whose name just happened to appear on a certain data-driven list, is almost killed and certain heroic individuals step in to rescue him and return him to his family in America.

This would make great anti-US fiction if it were not for the fact that the basis of the story -- namely, extraordinary rendition -- is true.  Check out the DVD's special features to see just how many people --including innocents -- have been subjected to this program.

Where I am going in this blog is to say that any database program that pretends to be a list of terror suspects had better be damned accurate in order to not convict an innocent person via some sort of data glitch or miswritten algorithm.  We have all heard and read the stories about persons being denied the ability to fly based on their names suddenly appearing on a terror watch list.  Consider that Senator Edward Kennedy actually had problems flying because his name was on such a list!  Now I could see the "excessive dessert" watch list, or the "driving over a bridge" watch list, but the terror watch list? C'mon!

These little glitches are never explained fully.  But we IT people can imagine all too well how these things happen:  Garbage in, garbage out.  Truncated data as a result of everything from static electricity to a bad database reorg.  A lack of data authentication at the management level.  How do we know that a nameless woman, let's say, with revenge and larceny on her mind, wouldn't add her ex to a watch list just to spite him?  Or her, let's be gender-neutral here.  If s/he knows that s/he is protected by a cloak of government secrecy, how do any of us know if that isn't happening already?

The answer is we don't, unless and until we get snared in some TSA red tape and are denied our ability to fly or travel.  And we have to expend prodigious amounts of time, energy and money to vindicate onesself from this series of unfortunate circumstances.

And Allah save us if the person at the receiving end happens to have a Middle Eastern name.  I wonder just how many times Ahmad Rashad has had to deal with this.  Or Ahmed Hassan, the host of one of my favorite shows, Yard Crashers (DIY Network).

Back to the theme of this blog:  I simply do not have a sufficient level of trust with the federal government (and/or its contractors) to get this database right, if the news accounts are even remotely close to accurate.  And if the government cannot guarantee that innocent people will be inconvenienced, let alone spirited off to some other nation without due process, then maybe it is time to cut the cord and let this project drift into oblivion and start over. 

But what of the current database for tracking suspected terrorists?

The committee investigation also found problems with the existing terrorist database. It says 40 percent of suspect names and addresses contained in CIA cables that should be entered into the database are never entered.

So do the program right.  Don't subject innocent Americans to inconvenience, detention or worse because a vendor needed to rush the program to completion.

Computerworld's IT Salary Survey 2017 results
Shop Tech Products at Amazon