As an addendum to my post about information systems and the politics of the failed attack on Dec. 25, here’s a nice paragraph from Dan Ryan at Sociology of Information.

The president was furious about the failure of the system to see “the red flags” and intelligence agencies are reported to have said that the information they had was “vague but available.”  The problem is that flags are not, in general, a priori red.  Presumably, some smart people are thinking about how systems see and things like that; hopefully, they don’t just think of it as “connect the dots.”

Ryan points out that many of the new measures we know about are designed to create more information.

In the framework from my previous post, the problem here is that the machinery built to process information failed. I would not want to fall into the trap Ryan decries of complaining that “dots” went unconnected. I do think however that a process that better collated the available information might have brought this threat to wider attention. So it’s not “connect the dots,” but rather “collate and evaluate” information.

Then again, a radio report last night (BBC interviewed someone clearly from a conservative organization in D.C.) pointed out that gate personnel were working from the wrong no-fly lists. This person seemed motivated by some anti-Obama talking points, but if part of the statement was factual, both the information and response systems were broken.

It’s not every day that you read a lead political story in The New York Times and find 10 mentions of “information.”* But in today’s report on the intelligence failures that allowed a man to board a flight to the United States with explosives in his pants, information aggregation, processing, and distribution is the core of the story.

The political noise since Sunday has been over whether “the system worked,” as Homeland Security Secretary Janet Napolitano gracelessly stated (though she clarified later). President Barack Obama yesterday noted that there was a “systemic failure” in connecting information about this particular attacker and signals that a “Nigerian” may be part of an upcoming attack. Obama said, however, that “once the suspect attempted to take down Flight 253, after his attempt, it’s clear that passengers and crew, our homeland security systems, and our aviation security took all appropriate actions.”

The confusion here comes from the fact that there are two systems under discussion. An information system built to gather, analyze, and redistribute intelligence failed, but a response system designed to deal with a crisis apparently worked.

This is a rare case in which the collection, processing, and use of information by a government makes headlines. Below the political blame-seeking and analyses of implications for an “embattled” White House before midterm elections that are still a year away lies a serious discussion of the ability of the United States government to manage security-related information.

The information system that failed on Sept. 11, 2001, was changed drastically with the establishment of the Department of Homeland Security and the Office of the Director of National Intelligence, which were each intended to be central nodes for better cooperation among bureaucracies for national security. The new system, in this case, suffered from familiar failures.

Ideally, the system would have put the attacker on a no-fly list (though as security researcher Chris Soghoian has shown, this may not have stopped him from flying). He wasn’t on the list, because no one connected his father’s statements that he might be involved with terrorists in Yemen with other intelligence about a coming attack by a Nigerian. Aside from bureaucratic procedure, it seems a variety of information architectures and processing rules might have made this connection more apparent, either by human or automated analysis.

* There were 10 mentions in the print edition. Online may be different.