November 10, 2009 





Big Medicine is published by Team EMS Inc.


Managing Editor

Hal Newman  


Contact: ideas@tems.ca




Avi Bachar

Steve Crimando

Angela Devlen

David Newman

Hal Newman

Chris Piper

Norm Rooker

Ghassan Michel Rubeiz

Jim Rush

Blair Schwartz

Geary Sikich

Ric Skinner

W. David Stephenson

David Suzuki

Sacha Vais

Beryl Wajsman


Contributor Emeritus

Erik Ronningen




Special Feature

H5N1 Briefings

News & Terrorism






Middle East





Disaster Mgmt





Hazard Research



Stop Violence Against Women & Girls






The views expressed here reflect the views of the authors alone, and do not necessarily reflect the views of any of their organizations. In particular, the views expressed here do not necessarily reflect those of Big Medicine, nor any member of Team EMS Inc.



















Networked homeland security as model for piracy issue

[May 31 2009]

Unaccustomed as I’ve become to blogging, I thought this was important enough to do a post…

Watching the coverage of the Maersk Alabama piracy incident, it seemed to me that conventional responses are ineffective because of the extreme asymmetrical aspect of the situation and because conventional treaty-based mutual defense approaches aren’t relevant on the high seas.

I think my “networked homeland security” theory may be an appropriate model for response. Here’s why:

  • these situations are fluid and fast-moving, so any response has to have the same fluidity.
  • real-time, location-based information is critical.
  • the response needs to be collaborative — reflecting “social data analysis,” in which a large number of individuals, each of whom make have some of the relevant information, can use Web 2.0 tools such as threaded discussions, wikis, etc. to analyze the situation.The likely result of such a collaborative analysis (and one, incidentally, in which the cast of characters will likely be different in every situation depending on who happens to be in the vicinity and/or has relevant information) is likely to be a more nuanced, comprehensive and accurate one than if only one analyst or a small group was involved.
  • the exact mix of data will vary in each case: in some situations there may be live, streaming video available to document the situation; in some, still photos relayed by camera phone, and who knows what other information may or may not be available depending on variables such as location, weather and/or Internet access. As long as the relevant information is relayed in an IP- and packet-based fashion, it an be shared by an ad hoc network of those who happen to be in the region at the time.

Given the pirates’ asymmetrical strengths of speed and surprise, ad hoc communications and decision making through networked homeland security may be our best countervailing power…

Permit me to re-introduce myself. I used to write this blog.

March 7 2009

In fact, some of you may remember the days when I’d try to write 3-4 thoughtful posts a day. I like to think the result was pretty informative. But that was then, and this is now. Two things have happened in the six months that mean the blog is pretty much mothballed for the foreseeable future:

  1. I fell hook-line-and-sinker for Twitter, which I once poo-pooed as an exercise in narcissistic navel-gazing. By contrast, I’ve found that not only is it an effective means of communicating, sometimes on pretty sophisticated topics, but also that it’s great for the kind of ad hoc emergency communication that I specialized in. Therefore, if you want to track what I’m doing, your best bet is to subscribe to my Twitter feed.
  2. More important, I’m facing a really tight deadline, the end of March, to complete a book manuscript, “Democratizing Data — to transform government, workplaces, and our lives,” about what I believe is a revolutionary approach perfectly suited to the combination of circumstances we face today: total loss of faith in government and business, the need for fewer remaining workers to do more with less, and to come up with creative solutions to increasingly complex problems. I believe the democratizing data is the way:
    • making our organizations data-centric: by that I mean instead of laboriously retrieving data from organizational data bases, adding informative metadata to it with XML or KML tags, and distributing it automatically through syndication.
    • designing software (open-source is particularly well suited to this approach) so that all users will be able to automatically share the data, rather than the past practice, in which data pasted into applications was then trapped in those applications.
    • designing a seamless cycling in which workers (with varying levels of permissions based on their roles), regulators, and even the public, will have access to this data, on a real-time basis. Experience from leaders in the field have shown this can be done while respecting strict privacy and security standards.
    • The results will include:
      • giving workers the real-time, often location-based information they need to do their jobs more effectively, and to collaborate with those in other offices and programs who need to share the same data. In many cases, this will be the first time they have had access to this data
      • substituting “smart” regulation for the abysmal failures of the Bush Administration. Following the Dutch model can dramatically reduce corporate compliance costs, and improve regulation by allowing various agencies to share the same data on a real-time basis (there is some evidence such an approach might have actually avoided the excesses that led to the economic collapse).
      • rebuilding public confidence in government and business through a “don’t trust us, track us” approach to transparency that provides facts and lets the public, media and watchdog groups judge for themselves whether officials are truthful.
      • even leveraging the “crowdsourcing” phenomenon to actively involve the public as co-creators of valuable new services, as was done by the District of Columbia’s innovative “Apps for Democracy” contest.

      I’m getting great initial reaction to the approach (probably due in great part to the fact that I was originally going to co-author the book with Vivek Kundra, the charismatic DC CTO who is now likely to become the Obama Administration’s e-government director, in which case it’s likely he’d have to withdraw from the project. Whether or not Vivek is an active participant, the book reflects much of his thinking). The video above (there are 3 other sections, which you can also find on You Tube — it was a hand-held version shot by an attendee at a recent O’Reilly IgniteBoston event) will give you a good introduction to what I’m talking about, as will numerous Slideshares I’ve done.

      So that’s why I haven’t been blogging and am unlikely to resume doing so in the near future (although look for a new wiki I’ll be launching in the next week or so to test sections of the book and solicit crowd-sourcing ideas for it! See you around campus!



Spy makes it easy for authorities to monitor social media in disasters


Spy is yet another app in the ever-expanding ecosystem spawned by Twitter (and to think that critics such as I used to pooh-pooh 140-character messages as of little importance… mea culpa, mea maxima culpa), and it makes it possible for authorities in crises such as the Mumbai attacks to monitor social media including Twitter, FriendFeed, Flickr, blog comments (from BackType), Yahoo News, blogs, and Google Reader.

As I’ve said countless times before (and this situation underscored), in natural disasters and terrorist attacks, people can and will use the Web 2.0 apps. and sophisticated mobile devices that they use every day, so it’s incumbent on authorities to:

  1. instruct us on how to use these devices (especially camera and videophones) to provide invaluable situational awareness to them (LET ME KNOW IF YOUR LOCAL AUTHORITIES HAVE GIVEN YOU ANY GUIDANCE ON THIS ISSUE. DON’T WORRY ABOUT ME: I’M NOT HOLDING MY BREATH WAITING FOR EXAMPLES…)
  2. monitor the social media for said situational awareness.

Ben Hedrington (thanks Ben!) has taken care of the mechanics of #2 by creating Spy. So what’s your excuse, government agencies, for not taking action on this vital concern?



November 11, 2008

Get your attention with that subtle headline?

Apologies in advance for “shouting.” It’s just because OUR LIVES MAY DEPEND ON WHAT I’M ABOUT TO SAY. Also apologies in advance for the snippy tone of some of this: I’m just fed up with official stupidity and myopia about the issues that I’ve devoted my life to for the past seven years — stupidity and myopia that puts all of us at increased risk and denies them the eyes and ears of concerned and empowered individuals.

OK, folks, I know that I haven’t been seen in these parts much in recent months: between my work on transparency and my near-total switch to micro-blogging on Twitter, you’ve seen little from me on homeland security and emergency planning.

In part, frankly, it’s due to the near total distain within the Bush DHS (with a few noteworthy exceptions: you guys know who you are, and I’m eternally grateful for your support..) for empowering the general public to play a critical role via Web 2.0 apps and, more important, the Web 2.0 ethos of collaboration (if you’re interested, here’s my theoretical summa on the issue). All you have to do is look at Ready.gov, which has certainly improved over the years but remains clueless about Web 2.0 (oh yeah, DHS may not get it about Web 2.0, but the bad guys do: the Army fears that al Qaeda may use our beloved Twitter to communicate about attacks).

For all our sakes, let’s hope the Obama Administration gets with the program: its general technological sophistication certainly gives one hope that will be the case.

Meanwhile, back to the urgency of this post.

It hasn’t gotten the media play it deserves, but bin Laden is reportedly planning an attack on the US that would “far outdo” 9/11!

“…a former senior Yemeni al-Qaeda operative said, the terrorist organisation has entered a ‘positive phase’, reinforcing specific training camps around the world that will lead the next ‘wave of action’ against the West.

The warning, on the front page of an Arabic newspaper published in London, Al-Quds Al-Arabi - and reported widely in the major Italian papers - quotes a person described as being ‘very close to al-Qaeda’ in Yemen.

The paper is edited by Abdel al-Bari Atwan, who is said to have been the last journalist to interview bin Laden, in 1996.

Bin Laden is himself closely following preparations for an attack against the US and aims to ‘change the face of world politics and economics’, (my emphasis) the report says.”

Put aside for a minute the utter insanity and tone-deafness bin Laden is showing by contemplating a huge attack in wake of election of The Most Popular Person in the Entire World (I’d imagine it would take President Obama about 10 minutes to put together a Coalition of the Eager that would roughly contain the entire UN membership to obliterate bin Laden once and for all!!!).

If he does launch such an attack, this would be the ultimate test of what I’ve been preaching since 9/11: that the advent of increasingly sophisticated networked portable personal communication devices and Web 2.0 apps to capitalize on them mean that you and I will play a major role in preparation and response for an attack, WHETHER OR NOT OFFICIALS WANT US TO (and, as I’ve chronicled since then, that’s just what has happened during Katrina, the San Diego wildfires, and this year’s hurricanes).

Here’s what you need to do (what I need to do is a quick update on new apps and devices that give even more options for ad hoc emergency communications, so mail to tag: e-mail me your suggestions on additions, and check back frequently!):

  • read the VITA Advisory tips I created for the Wireless Foundation on smart use of wireless devices in emergencies
  • read the expanded version of the tips I’ve created under my “21st-century disaster tips you WON’T hear from officials” (sadly, that title is still valid: please prove me wrong, officials…).In the case of things such as downloading the CUWiN software that would allow you to create an ad hoc community mesh network if The Internet Tubes are down, or programming “ICE” numbers on your cell, do it now.
  • watch the YouTube videos I’ve created on some of the tips (sorry for the crinkly-eye squint, it’s genetic…)
  • get the free materials from Ready.gov (they’re pretty good, but just not comprehensive) and my peeps at the American Red Cross.
  • subscribe to my buddy John Solomon’s blog: he’s taken up the slack as I’ve moved on, and does a great job (get well quick, John).
  • since no one else seems to remember how the civilian population was deputized to be on the lookout for spies durng WW II, check the phenomenal website of Pennsylvania’s great Terrorism
    Awareness and Protection site
    which will not only tell you what kind of info officials could use about an impending terror attack, but reminds you of Bill of Rights and their protection of free speech, something which may come back into vogue on Jan. 20…)
  • let your local police and fire departments know about apps such as Twitter, Qik and Flickr that you and your friends will use in a disaster and which could provide them with invaluable situational awareness — if only they know to look for it (snarky aside: I contacted International Association of Chiefs of Police, suggesting they have me speak on this issue at their conference this month, especially since it’s being held in San Diego, where mobile social networks really came to the fore during the wildfires. Why am I not surprised that they never returned the call? But I digress).

One final request: three years ago I created a highly-praised series of data bases for smartphones and PDAs, which allowed you to find detailed info. about what to do after a disaster in only 3 clicks. That way, if you lost all communications ability, as long as one person in a group had the application on their smartphone or PDA, s/he would be able to help others respond, and thereby lessen the burden on first responders.

In all modesty, it was a fantastic service, and I always hope that some agency or foundation would pay me to expand and maintain it and to make it available for free to everyone (that would certainly be an indication that government got it about Web 2.0, eh?). However, no one did, and the modest sales of the subscription version didn’t warrant me maintaining it on your own.

If I had a contract in the next week, I could bring it up to date within a month, and, I hope, also port it to iPhones. Given how pervasive smartphones and iPhones are today, an updated, free to download “Terrorism Survival Planner” could and should be a critical part of a comprehensive terrorism and disaster preparation and response program.

Please contact anyone you know who could pony the modest amount of money it would take to make it worth my while (despite what my wife thinks, I’m not a 501c3…)  and I’ll spring into action.

PS. Please pass this on: we’re all in this together!



Stephenson's Homeland Security Laws

By way of introduction, these are “laws” in the scientific, not legal, sense, meaning “generalizations that describe recurring facts or events in nature.” Yes, they are definitely true, and shouldn’t be questioned by anyone, because I said so, and if you don’t play by my rules, I’ll take my marbles and go home…

  • Stephenson’s Law #1: find a solution to your problem by thinking of someone who shares the same problem, but to the nth degree, because their pain has probably motivated them to find an answer.
  • Stephenson’s Law #2: the creators of a truly innovative technology can’t imagine in advance all the ways users will find to apply it to meet their own particular needs, so stand aside and let things evolve.
  • Stephenson’s Law #3: in a crisis, turn communications over to the 15-25 year olds — they know how to route around obstacles (including adults!), and are most familiar with exploiting the full capabilities of emerging communication technologies.
  • Stephenson’s Law #4: build a robust emergency communications system from technologies and applications used by many people daily (with particular emphasis on interoperability and collaboration, because they’re instantly available in a crisis, evolve constantly, and foster networked homeland security responses.

Stephenson’s Law #1: find a solution to your problem by thinking of someone who shares the same problem, but to the nth degree, because their pain has probably motivated them to find an answer. (I discovered this one back in my enviromental consulting days: the US nuclear sub fleets were the first to eliminate paper manuals and go all-digital, back in the late ’80s, since every piece of paper was a burden in their cramped quarters).

Stephenson’s Law #2: the creators of a truly innovative technology can’t imagine in advance all the ways users will find to apply it to meet their own particular needs.

Stephenson’s Law #3: in a crisis, turn communications over to the 15-25 year olds — they know how to route around obstacles, including adults, and are most familiar with exploiting the full capabilities of emerging communication technologies.

Stephenson’s Law #4: build a robust emergency communications system from technologies and applications used by many people daily (with particular emphasis on interoperability and collaboration), because they’re instantly available in a crisis, evolve constantly, and foster networked homeland security responses. Government emergency communications systems always seem behind the times, rely on obsolete technologies, etc., and are mysteries to the public — who would be forced to learn a new system during a stressful period when familiarity, simplicity and ease of use should be emphasized. By contrast, commercial technologies and related applications the public uses daily, from camera phones to OnStar to Google Maps, are familiar because of this daily use, constantly upgraded, and, because they are increasingly packet- and IP-based, don’t require a central authority to operate, and offer the possibility of self-organizing, self-healing peer-to-peer networks that are more likely to still operate during a catastrophe. Why not make them the heart of emergency communications?



FCC & cellphone carriers get it! Targeted wireless alerts!


[Apr 19 08]

USA Today reports that the FCC may approve, as early as today, the technical standards for a nationwide system that would send text messages to cellphones and other wireless devices whenever there’s an emergency. The system could be operational by 2010, and could be used for terrorism, weather, or child abduction alerts.

That’s great: finally a recognition that in 2008 most people are likely to be reached first by a wireless device, and that texting is the best way to send alerts, conserving bandwidth and increasing the chance the message will actually reach the intended recipient!

According to the story, AT&T, Verizon, Sprint Nextel and T-Mobile, had said they will “almost certainly participate.” Initially, the messages would be limited to 90 characters (BTW, since I’ve come to rely more on Twitter, 90 characters seems ample, and forces you to come right to the point!) and would be only in English.

It stems from a 2006 law requiring upgrades to the emergency alert system.

Until the new system is implemented (with the exception of areas such as Contra Costa County in CA, where the always-ahead-of-the-curve Art Botterell had the sense to bring in SquareLoop, so that he can send automatic alerts to any cellphone owners who happen to be in the county during an emergency) we’re limited to the obsolete approach so many colleges and universities took after VA Tech, signing up with opt-in text alert systems. If you’re a student, staff or faculty member who didn’t sign up, or a member of the public who happens to be on campus when everything goes to hell in a handbasket, you’re out of luck.

By contrast, SquareLoop automatically broadcasts to cell phones that happen to be in the affected area right now, and only to those people, minimizing panic and allowing much more targeted messages: for example, those downwind from a chemical spill could get evacuation notices, while those in the other direction could get a different message to shelter-in-place.

According to the article:

“Under the planned system, a county, state or federal first responder would send an alert to a still-to-be-determined federal agency that would serve as a clearinghouse. That agency then would relay the alert to participating wireless carriers.

“The messages would be broadcast on a single pathway to many users in the affected region, like a radio signal, avoiding the congestion that now afflicts such warnings. Few cellphones today can receive such messages, but most will be able to in three to five years, says Verizon Chief Technology Officer Tony Melone. Consumers with compliant phones would receive alerts unless they opt out.”

Let’s get that system up and operating ASAP. It’s about time that we relegate the broadcast alert system to a subsidiary role in recognition of the dramatic shifts in technology and lifestyles.


Business benefits of data visualization


[Mar 1 08]

Ooops! Got so caught up in politics and family stuff that I didn’t realize my op-ed on the business benefits of data visualization ran last week in Network World’s online edition.

As the title (”Data visualization: the under-appreciated Web 2.0 tool”) suggests with all the subtlety of a sledge hammer, I believe data visualization is both a tremendously important tool and tremendously under-appreciated. It deserves more consideration, alongside wikis, blogs, tags etc. as ways for corporations and government agencies alike to encourage collaboration, improve policy discusssions, and evaluate programs.

The op-ed grew out of a comment to Jon Udell by the DC officials responsible for establishing its Citywide Data Warehouse, the more than 150 real-time data streams the city releases on a real-time basis. The officials said they’d used the same data streams internally to encourage collaboration and improve program collaboration.

That got me thinking.

As enthusiastic as I am about directly involving the public in “transparent government” initiatives to harness the “wisdom of crowds” in policy debate and analysis, it made sense to me that the first place to try these techniques would be behind the firewall, both because it would help eliminate possible problems with the initiatives before actively involving the public and because government employees also need tools and methods that will allow them to identify program overlaps or — more optimistically — synergies and to involve and empower all workers.

In the op-ed, I identified a range of benefits that it seemed to me warranted use of data visualizations within corporations and government agencies:

  • Take reams of data you collect but are only analyzed historically …… Instead, portray them dynamically, in real time, where they can help make immediate decisions.
  • Facilitate gathering perspectives from others, especially in free-flowing exchanges that can evoke the “wisdom of crowds” phenomenon, in which the final product of everyone’s contributions is more insightful than the sum of its parts.
  • Empower younger employees, and/or those with a special passion about or insights into more obscure issues, who might be reluctant in more hierarchical, linear processes to share their perspectives.
  • Rapidly identify “outlier” data, which may identify flaws in marketing or product design that don’t reach these potential audiences.
  • Relate a wide range of data, such as time, location and sales volume, that formerly were treated in isolation from each other but would be more informative if considered simultaneously.
  • Consider the relative benefits and drawbacks of alternative strategies by making it easy to compare and contrast them.
  • Understand, through geo-spatial representations, possible public opposition to siting of new facilities because of proximity to neighborhoods, landmarks, etc.

I concluded that those trying to implement internal data visualization project would encounter the same objections that are often raised about other Web 2.0 initiatives:

  • security risks
  • general resistance to new tools from older employees
  • concerns that data may get distorted by non-experts

However, there’s an aura of inevitability to the change: after all, younger workers are probably already fooling around with data visualization on their own, and will do so with or without official blessing.

I suggested that, rather than trying to impose full-scale implementation of data visualization company- or agency-wide, a better strategy would be to allow a small group of early-adopters already champing at the bit to try some pilot programs. The success of those pilots, and the enthusiasm of the participants will probably lead to pressure from others to become involved, speeding the wholesale adoption of these great new tools.

As the bumper sticker advises: visualize swirled peas!



Google Palimpsest: critical step toward transparent gov!


[Feb 3 08]

Yikes! I’ve been Twittering and sending e-mails about Google Research’s new Palimpsest service (which hasn’t been formally announced, but which Wired wrote about recently, citing sources within Google), but just realized I hadn’t blogged about it!

Mea culpa, mea maxima culpa — ’cause this is big!

IMHO, this could be the critical link in achieving the dream I discussed in my November “Transparent Government” speech (and accompanying Federal Computer Week op-ed), of actively involving the general public in public policy discussions, program evaluation, etc. through a combination of:

  • data visualization techniques that make vast reams of data comprehensible
  • governmental agencies’ willingness to release large amounts of data (preferably on a real-time basis) and to encourage the public to use the visualization tools to examine and interpret the data.

Palimpsest, as Wired previews it, doesn’t include that “transparent government” component, but it sure looks as if it has a parallel vision, and, most important, all the tools and proper attitude:

“.. [Palimsest] will soon provide a home for terabytes of open-source scientific datasets. The storage will be free to scientists and access to the data will be free for all. … Building on the company’s acquisition of the data visualization technology, Trendalyzer, from the oft-lauded, TED presenting Gapminder team, Google will also be offering algorithms for the examination and probing of the information. The new site will have YouTube-style annotating and commenting features.

“The storage would fill a major need for scientists who want to openly share their data, and would allow citizen scientists access to an unprecedented amount of data to explore.”

Perhaps the most important aspect of Palimpsest in terms of my vision is the role of the Trendalyzer tools.

Let’s pause for a minute to check out this presentation at TED by Trendalyzer’s Hans Rosling in order to fully appreciate what Trendalyzer brings to the table in terms of making dry statistics come alive!
Here’s what Marissa Mayer, who holds the critical post as Google’s vp for search products and user experience, blogged last March when they acquired Trendalyzer:

“‘… we are excited to announce that we have acquired Gapminder’s Trendalyzer software, and we welcome the Trendalyzer team to Google. Trendalyzer generates moving graphics and other novel effects in the display of facts, figures, and statistics in presentations. In its nimble hands, Trendalyzer views development data—such as regional income distribution or trends in global health—as literally a world of opportunity. Like Google, Gapminder strives to make information more useful, and Trendalyzer will improve any function or application in which data might be better visualized.

“‘Gathering data and creating useful statistics is an arduous job that often goes unrecognized. We hope to provide the resources necessary to bring such work to its deserved wider audience by improving and expanding Trendalyzer and making it freely available to any and all users capable of thinking outside the X and Y axes.’” (my emphasis!)

There are already a number of excellent data visualization sites that have cropped up over the past year or so. In addition to my personal favorite, IBM’s Many Eyes (I like its ease of use, community building features, and wide variety of visualization options), there are:

All of them are helpful, and have a variety of great features — check ‘em out, and take ‘em for a spin!

Having said that, there’s nothing like the mindshare a Google offering creates to dramatically increase interest in a field (just think how map-based mashups took off after Google released its Maps API in June, 2005: from zero to a skazillion in little over two years!). In addition to the huge impact of Google Map mashups, and acquiring Trendalyzer, Google already has a public foot in the data visualization water with the December release of their chart API (although, unless I’m missing something, there don’t seem to have been too many charts generated so far using it. Just wait).

Bottom line: it seems to me Google already has the key components as well as the mindset needed to make “public data” a popular Web 2.0 activity that will benefit the public, corporations, and government agencies, especially in some of the emerging areas such as homeland security and pandemic management that concern me.

It’s just a question of putting the pieces together and using its clout to enroll government agencies. Neat!

NB: A palimpsest is a manuscript page, whether from scroll or book that has been written on, scraped off, and used again. The word "palimpsest" comes through Latin from Greek παλιν + ψαω = ("again" + "I scrape"), and meant "scraped again." Romans wrote on wax-coated tablets that could be reused, and a passing use of the rather bookish term "palimpsest" by Cicero seems to refer to this practice. [from Wikipedia]


URGENT: with colossal storm hitting West, share my tips!


[Jan 7 2008]

The storm that’s headed inland right now is of biblical proportions: the Weather Channel predicts “potentially historic snowfall, flooding rains, and wind gusts to well over 100 mph are possible.”

Considering the hits places such as Denver have already taken this winter, that’s incredibly scary — and time to remind people about how my “21st-century disaster tips you Won’t hear from officials” can help you and your neighbors cobble together ad hoc communication networks when conventional ones fail.

In part, they stem from my own experience while trapped in what eventually evolved into a 36-hour impasse on I-78 on Valentines Day — when conventional communications were so wretched that Gov. Rendell didn’t learn about the mess (and then, only indirectly) until 9 hrs. after it began — at which point he went ballistic.

Among the tips that are particularly appropriate to this situation:

As the father of Web 2.0, Tim O’Reilly, said about my tips after the I-78 debacle,

The point of the article is a really good one. User self service and collective intelligence shouldn’t just be limited to consumer applications! This stuff has real utility for government disaster response. Unfortunately, governments tend to be late adopters of new technologies.

BTW, while the details haven’t been worked out, so I’m not at liberty to say any more at this time, I’m pleased to let you know that I’ll be creating a nationwide program this year on smart use of emergency communication devices in emergencies!

Transparent Government: How Releasing Data and Web 2.0 Applications Can Improve Government Services, Build Public Support and Involvement

[Nov 2 07]

"Transparent government," which combines Web 2.0 applications such as Google mashups with government data -- preferably released by agencies on a real time basis -- transforms citizens from mere recipients of government services into effective partners in their creation, improvement and evaluation. While some citizens have launched these programs on their own (without official blessing), agency participation will result in new insights, improved operations, and greater public support for government.

Reston, VA -- E-gov strategist W. David Stephenson said Thursday "Web 2.0 applications plus government data released on a real-time basis transforms citizens from mere recipients of government services into effective partners in their creation, improvement, and evaluation."
Stephenson, principal of Stephenson Strategies spoke on what he called "transparent government" at the New, New Internet conference.
Stephenson said that individuals have seized the initiative with transparent government (also called Google Government or data liberation) by taking data that otherwise might remain "meaningless numbers locked in obscure databases within remote agencies" and making the statistics informative and interesting by interpreting them and/or creating visualizations using Web 2.0 tools such as Google mashups. He cited examples including:

  • Chicago Crime, which displays crime data from the Chicago Police on Google maps to identify crime hotspots and identify crime trends
  • Neighborhood Knowledge Los Angeles, which overlays city data about 7 indicators of urban decay, such as code violations and unpaid property taxes on maps to identify declining areas in time for city agencies to intervene
  • illegalsigns.ca, which illustrates how someone with a passion for a single issue (in this case, illegal billboards in Toronto) can combine data, photos and Google maps to call attention to the problem and assist government agencies with enforcement.

Stephenson said government agencies can increase transparent government's benefits by releasing data on a real-time basis. He cited the District of Columbia's Citywide Data Warehouse, which uses RSS, XML, and Atom feeds to release data from 150 sources, ranging from crimes to pothole reports. Interpretations by public activists so far include a "mashup" showing where potholes have been reported (and whether they've been repaired: an example of "sousveillance," in which people hold government accountable by visibility), and a variety of features on the "Ballpark and Beyond" site covering Southeast Washington. The DC government also has benefited internally from the program, improving operating efficiency and data sharing between agencies.

Stephenson detailed steps agencies need to take to make transparent government a reality, including four that agencies haven't taken so far:

  • creating an attractive web site where people could post and share projects (sharing encourages others to add their own and to critique and improve others)
  • creating an easy-to-use tutorial that would guide the public through the "transparent government" process
  • publicizing the program to encourage participation
  • creating a built-in review process to encourage agencies to review the citizen-participation projects and insights they may provide.

Stephenson concluded that while "transparent government" may worry agencies because of the potential loss of control, citizen initiatives such as Chicago Crime show the trend will continue anyway, and that the more agencies become active participants, the more likely they will be to benefit from citizens' insights and to avoid errors caused by faulty or misunderstood data.

National Information Exchange Model — worth the wait!

[Sep 2 07]

More than 5 years after I suggested that the single most important win-win step the US could take to simultaneously improve security was to lead a global initiative to implement XML (because it would not only improve information exchange between terrorism and other criminal justice data bases, but also foster global economic development), it looks as if we’re getting somewhere.

FCW reports that Justice and Homeland Security departments are now pushing a different framework, the National Information Exchange Model (NIEM).

Some go-getters in the criminal justice field had already begun to switch to the federally-approved Global Justice XML Data Model (GJXDM) schema in the near past. Then DOJ and DHS put the brakes on, saying they were creating a more comprehensive schema, NIEM.

Ordinarily, I might be on their backs, because XML is such a valuable tool for sharing data bases that I’m in favor of quick deployment. However, the original intent for XML was to keep the number of industry-specific schema to a bare minimum, so that basic XML would be as univeral lingua franca as possible. As a result, having a broader standard that would cover a wider range of fields, including criminal justice and homeland security affiars such as disaster management, emergency response and screening people and cargo, was, IMHO, worth the wait.

The feds recently released the second production model (sounds more like a 2008-model car) of NIEM.

On first blush, the NIEM website looks like a good tool for bringing possible NIEM users up to speed, with features such as:

Among other NIEM components, the “namespaces” used to categorize content include my favorite, the Common Alerting Protocol, used for emergency messages. As with other XML schemas, the tags use to classify content have common-sense names, such as “hair color,” or “US county code,” which makes it easier to code data without special training.

According to Paul Wormeli, executive director of the Integrated Justice Information System Institute, which released the standard, projects already using NIEM include:

  • The FBI’s new National Data Exchange program, a national repository of criminal incident information.
  • The Sentinel project, an automated case management system for federal law enforcement agencies.
  • Justice’s Regional Data Exchange.

States already embracing it include New York, Texas, and Florida, which has established the Florida Law Enforcemt Exchange (FLEX) project to map data and establish new regional information sharing systems.

NIEM will play an integral role in FLEX

“‘The state quickly realized that we needed a way to share data statewide, given that we had over 400 agencies to accommodate once you include police and sheriffs’ departments,’ said Mike Phillips, FLEX project manager.

“’NIEM will give us a common translator for basic queries on suspicious persons, vehicles or local warrants,’ Phillips said. ‘Ultimately, NIEM will help provide us with seamless workflow since there will be one point of entry instead of redundant rekeying.’”

Please read the full article for details on NIEM and how it will work. Meanwhile, let’s start putting it to work!




TB case: It all comes down to human issues [Jun 7 07]


The Andrew Speaker TB case is a graphic reminder that, no matter what kinds of policies we institute to screen people at the borders, it still comes down to human factors. Just as many of the security guards interviewed by AP for the story on chinks in the DHS armor weren’t adequately trained and/or didn’t recognize a threat when they saw it, the border crossing guard at Lake Champlain who let Andrew Speaker cross “because he didn’t look sick” — even though he was clearly listed on the quarantined list — managed to obviate all those policies due to his own ignorance, lack of training, poor judgment — you name it.

And while we’re on human factors, if some stupid guy decides that he’s not bound by an explicit order and takes all sorts of devious steps in order to return to the US, just think what can happen when a cunning terrorist puts his/her mind to circumventing our policies?

It’s not unlike corporate computer security, where techs are told to ignore the “CEO” who calls in on a Sunday morning, ranting about how he has lost his password and has to get into the system because of a critical meeting Monday morning. He might be the CEO, or he might be a devious hacker: it’s better to err on the side of enforcing the laws strictly than to have the whole system collapse because of human error.

If there’s anything good to come from this situation, it’s the dumb luck that at least Mr. Speaker (who, irony of irony, is married to the daughter of a CDC TB researcher: she should have paid a little more attention at the family dinner table when dad talked about her work, and/or put her foot down when her new hubby hatched his scheme. Can this marriage be saved???) didn’t have H5N1 — this should really be a heads-up that we need a stem-to-stern review of policy, training, and decision-making when it comes to border crossing issues.



10 Homeland Security Technologies to Watch in 2007 [Dec 29 06]


Last year, I was traveling at the end of the year, so a 10 Homeland Security  Technologies to Watch in 2006 went by the boards. It's back for 2007, using the same criteria that I used for the list two years ago, because the networked homeland security approach primarily relies on commercial communication  technologies that can adapt instantly to provide emergency information in a terrorist attack, pandemic, natural disaster, etc., and that foster collaboration (because that's critical in an emergency and because collaboration in turn is a precondition for emergent behavior/swarm intelligence, in which a higher level of collaborative action results than could be predicted from the abilities of individual members of the group):
  • also having day-in-day-out applications so that they will both be familiar in an emergency (i.e., not requiring users to have to learn something new when they're already stressed) and will have economic and/or social benefits so their purchase and deployment are more easily justified. Those that use commercial applications and devices benefit from a virtuous circle, in which new features and capacity in the devices sparks new applications to exploit those improvements -- far more rapidly than would be the case in government-only communication systems and devices.
  • decentralized, so they are less likely to be rendered inoperative by attacks on a centralized switching facility, etc.
  • in the hands of the general public, so they leverage technology that is already in use (and, given the inevitable cost and procurement limits of government technology, more current) and that people are likely to have with them when disaster strikes, so they can get up-to-the minute information.
  • location-based, so that we can get away from lowest-common denominator evacuation and response plans that are likely to cause their own problems such as traffic jams.
  • empower the public, because authorities may themselves be incapacitated and our fate will be in our own hands, and because we may be more likely to listen to trusted friends and/or neighbors than distant authorities.
  • two-way, so that the general public and/or responders who may be the first to come upon an emerging problem can feed information back to authorities.
  • redundant, because various technologies have distinctive strengths and liabilities that may render them unusable, or, make them crucial fall-back options.
  • allow dissemination of information in advance so they can be quickly activated and/or customized in an emergency (instead of requiring massive data-dumps in the midst of a crisis).
  • IP based, because packet-based information will require less bandwidth in a situation where conserving it is crucial.
  • foster collaboration, because multiple agencies and jurisdictions may be involved and will need to share information from a wide range of sources on a real-time basis.
And now, the envelope please:
  1. new uses, such as storing encrypted medical and family financial records, plus detailed emergency response information, for USB thumb drives, which now cost next to nothing. My current favs: either one of the sushi drives or the stuffed croc (although, if someone's smart, they'll create one in the shape of a locket (complete with picture of the grandkids), which your tech-phobic granny can wear around her neck.
  2. an increasing number of cell-phone-based social networking apps, such as Boost loopt, Buddy Beacon, and Mologogo joining my old fav, Dodgeball.com, capitalizing on the trend of cell-phones including GPS and cameras, to provide location-based, real-time info. While even ad-hoc groups are capable of emergent behavior (the Flight 93 passengers being exhibit A), it's more likely to occur among those who already know each other, so apps that people routinely use to link their virtual and physical social networks will be that much more valuable in a crisis.
  3. Similarly, more neighborhood-based blogs and web sites such as Neighbors for Neighbors, JP  in Boston's Jamaica Plain neighborhood  or the NorthWest Carrolton one in New Orleans, which use online virtual neighborhoods to strengthen bricks-and-mortar ones, again building a sense of community that can be invaluable in a crisis.
  4. Sorry I have to be coy about this one, but it involves a product that won't be formally rolled out for several weeks, so I had to promise to not identify it at this time: a system built around "presence" applications that instantly polls all of a person's communication devices until it is able to connect (critical in a crisis, when you may not be at your desk and some infrastructure may be compromised): a secure messaging system that would allow sharing of real-time, location-based info, polling of users through simple response options that are inside the message, such as yes/no, selection lists, or fill-in text boxes (in an emergency, that could answer vital questions about whether, for example, various neighborhoods have  water supplies, electricity, or fuel), and, where the recipient has broadband access, receiving real-time video, etc.
  5. More use of YouTube  for things other than demonstrations of explosion technologies such as combining Mentos and Coke, or racial outbursts by soon-to-be-ex-senators, such as the educational videos from the UK Home Office  or whistle-blowing such as Michael DeKort's.
  6. Disruption-tolerant networks (DTN), mobile nets that continue to work even if there are "... broken links and long delays." They aren't quite as efficient as fixed networks, but, in a crisis, some network is better than none.
  7. More mashups similar to Garbage Scout, that can provide helpful information both in normal times and a disaster. One candidate (hear about this on All Things Considered yesterday, in its end-of-the-year predictions for the Web), is Wikimapia, which uses a wiki combined with Google Earth to allow people to describe local landmarks, natural attractions, etc.

    Of course, that location-specific information can also be helpful to terrorists looking for targets, but the cat's out of the information bag, isn't it, so we'd better be exploiting the tools available to the Bad Guys, shouldn't we?
  8. More use of wikis, similar to fluwiki, to share group wisdom before, during and after a pandemic, terror attack, or natural disaster.
  9. Do-it-yourself tech-based activism for disaster preparation similar to the Preemptive Media Project to survey pollution levels in Manhattan, perhaps using technology hacks such as Eyebeam's, and/or Moport, an "online tool for generating and sharing mobile phone reports. The site enables people to collectively report in real-time using mobile phones or digital cameras and computers."
  10. More states to follow South Dakota's lead with its statewide radio system, the first statewide trunked communication system to utilize digital VHF. Because it's IP-based, it can route around obstacles and uses less bandwidth. It can also carry information as well as voice, allowing all public safety officials able to talk to one another.


Disaster simulations: getting better, but still no panacea [Dec 2 06]


Zach Phillips (BTW, an alum of America's Finest Liberal Arts College) has an excellent analysis of the pros and cons of disaster simulations in the current Government Executive.


It's a subject near and dear to my heart. Partially, that's because Hal Newman and I have a joint venture, Apocalypse Noun (hey, a bad pun never hurt anyone, did it?) in which we write what we consider to be (and clients tell us are) extremely realistic, well-researched, and non-formulaic scenarios. It's also because I've suffered through some exercises (I don't think I'll ever be able to expunge one stinkeroo last April from my memory) that were definitely a waste of time and money.


Drawn from Phillips' article, here are the yin and yang of scenarios and disaster exercises:


the results will be more valuable if you allow independent analysis: "Rigorous and independent evaluation is needed to ensure that exercises provide an accurate portrait of response capabilities and deficiencies."


similarly, the not-so-sexy after-action report is critical (something the military stresses: field commanders are required to file "lessons learned" reports after an engagement -- and those reports are factored in when they're under consideration for higher ranks). Phillips points out that "FEMA canceled much of the follow-up work - including answering questions about moving emergency evacuees from short-term housing at the Superdome - for lack of funds," after the Hurricane Pam exercise in 2004 (lack of funds seems relative, now, doesn't it, in light of the billions spent for Katrina?).


There's a welcomed trend, IMHO, toward sharing of the lessons learned, and evaluation of the exercises themselves:


RAND has been contracted to create a searchable Public Health Preparedness Database, covering "nearly 40 simulations of terrorist attacks and infectious disease outbreaks. Each drill is graded on five elements."


DHS has hired a contractor to evaluate its exercise program.


HHS is evaluating emergency drills for several states.


probably the most helpful resource is the "Lessons Learned Information Sharing" site, "which gives registered users access to substantial preparedness information, including after-action reports on various exercises."


equally important, the feds are attempting to create standardization for design, conduct and evaluation of exercises, through the Homeland Security Exercise and Evaluation Program. Phillips reports that "DHS, HHS and the CDC reportedly are beginning to require use of this model before funding exercises. 'If all three of them are requiring the same exercise format, that's an enormous shift,' [according to the New England Center for Emergency Preparedness' Kerry] Fosher... 'It forces people to build a standardized cohort of folks who can build exercises in their state using a common language.'"



There's a tendancy to -- surprise -- plan for the kind of disaster we want, i.e. one that proves we've prepared well. "'Exercises are not all created equal,' says Michael Wermuth, director of homeland security programs at the nonprofit RAND Corp. 'There are a lot of different kinds of exercises, a lot of different methodologies used to conduct exercises. There are exercises that sometimes seem to be destined to ensure success or at least a successful outcome in the exercise.'"


The annual Top Off (Top Officials) exercises continue to draw most criticism, partially because the cost is so high, and partially because they're announced months in advance, so that everyone can look their best. According to Wermuth,"'If the main purpose is to really engage what the name is supposed to indicate -- to engage top officials in sitting down and having to make hard decisions about desperate situations -- I'd say it's unnecessary to have this level of attention, this scale of an exercise and particularly the expenditure of many, many millions of dollars.'" And, when the chips were down, the supposed lessons learned from the large-scale exercises clearly weren't applied.


frequently, the exercises seem assembled cookie-cutter style: "'If you're a consultant, it's pretty easy to go anywhere with these templates on [Microsoft] Word and scratch out 'Boise, Idaho,' and put in 'Orlando, Fla.,' " says Eric Noji... director of the Pandemic Avian Influenza Preparedness program at the Uniformed Services University."


the most valuable lessons are learned from actual emergencies: if you're an emergency manager and aren't combing the post-mortems from Katrina and other emergencies of all types, both here and abroad, shame on you!

Phillips concludes that perhaps the most important benefit of the simulations is the opportunity for emergency planners to connect names and faces before The Big One hits:


"Those relationships are paramount, because the official plan often gets jettisoned in the heat of a disaster, Noji says. Of the 82 disasters he was involved in, he never saw the formal plan used. 'I was the disaster director at [Johns Hopkins University Hospital], and I didn't even know it,' he says. 'These things are the size of phone books.'"


That squares with my experience, and is an important factor in fostering the "emergent behavior" my networked homeland security strategy argues is needed in a crisis where circumstances unfold that no one could have predicted or practiced for in advance. While effective emergent behavior can be found even among perfect strangers (i.e., the Flight 93 passengers), research has shown that it's more likely among groups who have worked together in advance.


BOTTOM LINE: disaster exercises are necessary, and are improving over time, but no one can rest easy even if they've learned lessons and applied them: disasters have a nasty habit of evolving according to their own dynamics.


Technorati tags:



et al.: my Boston Globe op-ed sparks discussion of virtual regionalism [Nov 16 06]--Always like to play the agent provocateur: my Boston Globe op-ed on how Gov.-elect Deval Patrick can and must make creative use of the web a critical tool in simultaneously delivering on his promises for things ranging from increased local aid (BTW, flinty Scot that I am, I'd argue that the dollar amount of local aid doesn't necessarily have to be increased if the effect of the current aid was increased through a combination of reduced costs of doing business by local government, seamless delivery of that aid, and increased efficiency of operation on the state's side. I'm sure that argument will have the likelihood of a snowball in hell of prevailing ....) seems to be kicking up some comment and discussion:


I got a nice email right after it ran from my old boss Michael Dukakis, so at least past governors read it, and from a number of state legislators.


One of my favorite commentators on the nitty-gritty of governing, syndicated columnist Neal Peirce, was intrigued by my call for "virtual regionalism" to overcome the inherent problems of New England's home-rule tradition. Peirce wrote me, "It does seem most likely that carrots and sticks to bypass home rule, rather than some frontal assault, have by far and away the best chance of success." One of my personal government IT gods, Phil Windley, Utah's CIO under now-HHS Sec. Mike Leavitt, also mentioned the "virtual regionalism" concept in his Technometria blog (BTW, I love Phil's ominous slogan: "Organizations get the IT they deserve"!).

there's a lively thread right now on the BlueMassGroup blog about the op-ed, with a number of contributors mentioning their gripes with the current state of e-gov in the Commonwealth and suggestions for the future.

one state staffer, Director Christian Jacqz of the Mass. Office of Geographic and Environmental Information, pointed out to me that the Commonwealth is taking the lead in one area of innovation: its web mapping services were honored as an "Exemplary System in Government" in the 2005 URISA competition's Enterprise Systems category. The services are available to communities, regional planning authorities, and state agencies, and the tech support include a wiki (kewl: 50 extra points, guys and gals!). It supports kml (the language for Google mashups) with a mapping engine called Geoserver as well as a richer and more sophisticated xml-based protocol put out by the Open Geospatial Consortium (didn't know about them -- neat!) -- add another 50 points each for xml and open source! Among other uses, Jacqz says MassGIS lets communities and state agencies build their own map-enabled web sites to display locations of interest (e.g., closest state office offering a given service) and also to collect data (such as exact facility locations from knowledgeable individuals, plotted on top of imagery -- that sounds particularly relevant to homeland security in terms of critical infrastructure protection). He also told me that commercial on-line mapping applications use MassGIS' orthophotos (e.g., what Google calls "satellite" images) and the office is also working with Navteq in a public-private partership to improve the completeness of the digital road map and the "hit rate" on geocoding.

Nice job, folks -- and my apologies for the broad-brush slap at Massachusetts' web strategy or lack thereof -- there are definitely some pockets of excellence that should be supported and applauded!




Centralized emergency communications: exactly WRONG approach [Nov 2 06]--Thanks to the ever-observant Michael Hampton, he of the always irreverent, never irrelevant, Homeland Stupidity, for passing this one along.

Prof. John Peha, who wears two hats at Carnegie-Mellon, in both engineering and public policy, argued at a forum sponsored by the New America Foundation this week that we need a centralized information system for emergency communications. According to the Congress Daily story:

"Peha said that after the disastrous communications failures on Sept. 11, 2001, and during Hurricane Katrina, he could "not see why we should tolerate" the current decentralized emergency-response system, which gives the flexibility of local "first responder" agencies precedence over standardization and regional cooperation."


If we had a centralized, top-down communications system, control-freaks such as Sec. Chertoff would no doubt be pleased, but we'd still be waiting for relief to reach New Orleans -- 'cause when centralized systems fail, they fail totally. This recommendation runs totally the opposite direction from the trend toward web-based, decentralized, networked communication that dominates everything today.

It was precisely because people on the ground cobbled together crude but effective networks (I'm just reading Douglas Brinkley's The Great Deluge . In addition to praising the Coast Guard for being the sole exception to the organizational paralysis -- because, as the GAO put it, the CG's operating "...principles promote leadership, accountability, and enable personnel to take responsibility and action, based on relevant authorities and guidance," he also details the completely ad hoc "Cajun Navy," which was put together totally by word of mouth. While the authorities fiddled and diddled, the motley flotilla of Cajuns saved 4,000) that there was any action at all.

Since Peha also talked about the communication problems on 9/11, think about the only effective response: the Flight 93 passengers, who got "situational awareness" from their relatives' phone calls, and acted. Meanwhile, the president of the United States, at the top of the information chain, sat reading a children's book for 15 min., while his aides tried to find out what happened.

Sorry, professor, but I suspect the engineering mentality (apologies to my readers who are engineers, but I've worked closely with many engineers for the past 25 years, especially nuclear engineers, and it's been my experience that for every Henry Petroski, there are 50 extremely left-brained types who freak out at the kind of ad hocracy that I call for in networked homeland security) predisposes you to think in terms of tightly-control, top-down communications.

We'll give the last word in this case to Mark Wolf, in his Wired article about the Portland Connect & Protect enhanced 911 system:

"If national safety -- the ability to respond to hurricanes, terrorist attacks, earthquakes -- depends on the execution of explicit plans, on soldierly obedience, and on showy security drills, then a decentralized security scheme is useless. But if it depends on improvised reactions to unknown threats, that's a different story. A deeply textured, unmapped system is hard to bring down. A system that encourages improvisation is quick to recover. Ubiquitous networks of warning may constitute our own asymmetrical advantage, and, like the terrorist networks that occasionally carry out spectacular attacks, their power remains obscure until they're called into action."
'Nuf said.

PS: Looking at the techies on
this foundation's board -- Eric Benhamou, James Fallows, Eric Schmidt -- I'm surprised they'd see this as the kind of ".... exceptionally promising new voices and new ideas to the fore of our nation[base ']s public discourse" that they stand for -- especially since they also have a "Wireless Future" program.

Technorati tags:

New CSIS report shows Establishment starting to get it on wikis, etc. [Oct 24 06]--As Hal Newman said when he sent me a note about this item: "is someone listening?"

Guess so: it looks as if The Establishment, in this case, CSIS, is getting the word -- long understood by readers of this blog -- that innovative technologies and applications such as wikis or tags can be critical ways of not only sharing information, but actually transforming the work of rebuilding countries after disasters or war.

Their new report, Wikis, Webs, and Networks: Creating Connections for Conflict-Prone Settings introduces policy makers to the many ways that these new technologies can be used in dealing with what they term "collapsed and fragile states," especially since they are prone to problems with communication and connectivity. In particular, they can be critical to applying lessons learned from one problem in dealing with the next (as I blogged about the
tsunami wiki and those that followed it), or communication among many international governments and agencies that are involved. The report's lofty goal is to use better connectivity "... to enable local populations to prevent and mitigate conflict and help rebuild their country."

The report is based on 4 principles that can improve connectivity in conflict prone areas -- and otherwise. It's worth repeating them:

  • "Connectivity increases effectiveness.... Connectivity allows for, but does not guarantee, frequent and meaningful interactions, which can help diverse actors develop a common operating language, plan and conduct joint exercises, and integrate operations during crises.

  • "Free revealing. Openly sharing new ideas, innovations, and information is better suited to fast-paced, chaotic environments than is the traditional practice of closely managing information flows through established hierarchies. (my emphasis because it applies equally, IMHO, to homeland security).

  • Community generates content. Relying on the community to generate, share, and interpret content makes the best use of resources and minimizes constraints in conflict settings. These settings demand flexibility and adaptability on many levels. User-driven content, in which all individuals contribute information, share concepts, and evaluate resources, is the practical choice for environments with conflicting and unreliable data.

  • Lead users drive the market. By identifying and promoting the practices of lead users (those at the top end of the bell curve), the effectiveness of the entire international community can be enhanced."
Based on these principles, CSIS recommends three strategic guidelines to encourage the new communication technologies and empower users: design the architecture for participation, strengthen social and knowledge networks (in recognition that communication is more of a social problem than a technological one), and use all available means of communications.

While acknowledging institutions' fears about errors in wikis, etc., the report speaks truth to power: "... in many cases, the daily benefits of open information systems outweigh the potential threats." Wow....

The study is a relatively quick read -- 30 pages. I urge you to do so, because it shows consciousness of the transformative power of network technology is reaching inside the Beltway.

Technorati tags:



Interactive adventure gaming: cutting-edge fun could pay off in crisis [Oct 17 06]--If nothing else, my networked homeland security strategy is a hell of a lot more fun than the DHS top-down, play it by the book approach. I let you prepare by:

The common thread? All of these are applications you can use every day, but, in a crisis, could be used to provide valuable real-time, location-based information that would help you and your family and friends cobble together ad hoc emergency response plans (capitalizing on the emergent behavior possible when formal or ad hoc groups come together).

You're now duly authorized to add to the list of Permissible Disaster Planning Preparation Activities (PDPPAs) interactive adventure gaming, a
smartmob derivative created by Urban Interactive of Boston. Their new Ghosts of Liberty game looks like a real hoot!

Created by Nicholas Tommarello because "I can't stand being on a tour bus," Urban Interactive games let you learn history while playing a collaborative game (7.3 extra PDPPA points awarded because it's collaborative, fostering emergent behavior).

Teams are transformed into secret agents (ah, maybe we'll award an extra 1.22 PDPPA points because it fosters thinking like a secret agent -- or terrorist...) who get a cellphone programmed with the clues (an automatic 4.23 points because of the location-based information), an ultraviolet pen, a map of our fair city's historic North End, and a folder to open in an emergency (i.e., if lost).

Once on the streets, the cell phones yield critical information: digital maps, SMS messages from the mysterious "Director Finch," and "'voice mails from a ghost-channeling psychic.'"

Winning teams can choose between a Xbox 360, $300 iTunes gift card, or a dinner for 4 at the Strega restaurant.

How cool is that???

Parent firm Conditor will create custom games for clients "... that can tailor the world of our games to just about any requirements you can think up. The only limits are your budget and such pesky rules as the law of gravity. So feel free to get creative; we can include any activities you require, and even theme the stories around your own corporate culture."

The predesigned games allow 6-50 players. Events can be outdoors or inside, and past settings have included museum galleries, college campuses, public gardens, historical monuments, and urban shopping complexes. They supply the hardware, currently Nokia 6630 smartphones.

All joking aside, folks, I'm calling Urban Interactive as soon as I post this, to discuss the possibility of creating a game that would highlight possible terrorist threats and actually make preparing for a terrorist attack or natural disaster fun and collaborative. Ghosts of Liberty has all the elements: advanced personal, mobile tech, digital maps, interactivity, collaborative activity, etc. that would make it just the framework for disaster or terrorism prep that would overcome all the normal factors (i.e., its boooring...) that keep the general public from wanting to prepare. Kewl!!!


W. rewrites the minimum quals for future FEMA directors [Oct 12 06]--I didn't blog this last Friday, when Charlie Savage, the Boston Globe's one-man presidential signing statement truth squad, reported it, but thought it merited attention because it involves such a critical issue -- the qualifications of future FEMA directors -- but, more important, because it showed Bush, despite his current problems, remains adamant about his ability to thwart Congressional intent through signing statements.

Congress enacted a law last week, as part of the package of homeland security bills passed just before it recessed, setting minimum qualifications in terms of emergency  management experience for future FEMA directors in light of former Director Michael Brown's lack of qualifications and selection on the basis of political cronyism.  The new law requires the president to nominate someone who has "... a demonstrated ability in and knowledge of emergency management" and "...not less than five years of executive leadership."

As with his past signing statements, Bush made no mention of his reservations about the FEMA restrictions when he signed the package last week in Arizona. Then, according to Savage:

"...hours later, he issued a signing statement saying he could ignore the new restrictions. Bush maintains that under his interpretation of the Constitution, the FEMA provision interfered with his power to make personnel decisions.

The law, Bush wrote, ".. purports to limit the qualifications of the pool of persons from whom the president may select the appointee in a manner that rules out a large portion of those persons best qualified by experience and knowledge to fill the office."

Purports to limit the qualifications of the pool? No, it damn well DOES limit the pool of persons -- for good reason, as we saw in spades during Katrina (and, for the record, Sen. Susan Collins pointed out that Congress has passed a number of similar laws in the past, setting standards for posts ranging from Solicitor General to the director of Fisheries and Wildlife).

As I've written before, as important as the FEMA bill is in its own right, the pattern set by these signing statements is far more important because it undermines the Constitution's separation of powers:
  • Bush is able to claim credit for signing a popular law, without having to make his position clear during the legislative process.
  • he does not have to engage in compromise and negotiation with Congress, as would happen if he were to veto a bill and send it back
  • Congress is denied its right to pass the bill again over the president's objections, because it was actually signed
  • Congressional intent is thwarted because the executive branch does not enforce the law.
The contrast between the highly-visible signing ceremony and (literally) under-cover-of-darkness release of the signing statement was stark proof the White House knew its process wouldn't stand scrutiny:
"Bush's remarks at the signing ceremony were quickly e-mailed to reporters, and the White House website highlighted the ceremony. By contrast, the White House minimized attention to the signing statement. When asked by the Globe on Wednesday afternoon if there would be a signing statement, the press office declined to comment, saying only that any such document, if it existed, would be issued in the 'usual way.'
'The press office posted the signing-statement document on its website around 8 p.m. Wednesday, after most reporters had gone home. The signing statement was not included in news reports yesterday on the bill-signing."

Actually, it probably wouldn't have mattered if the signing statement had been more visible: Savage stands alone among the DC press corps  in tenaciously following the bigger story. Where is the rest of the press corps?

Let me conclude by simply quoting the last five grafs of Savage's story, which total up the sorry score: the Cheney/Addington "unitary executive" jihad: 800+; Article 1 of the Constitution of the United States: 0 :

Bush's use of signing statements has attracted increasing attention over the past year. In December 2005, Bush asserted that he can bypass a statutory ban on torture. In March 2006, the president said he can disobey oversight provisions in the Patriot Act reauthorization bill.

"In all, Bush has challenged more than 800 laws enacted since he took office, most of which he said intruded on his constitutional powers as president and commander in chief. By contrast, all previous presidents challenged a combined total of about 600 laws.

"At the same time, Bush has virtually abandoned his veto power, giving Congress no chance to override his judgments. Bush has vetoed just one bill since taking office, the fewest of any president since the 19th century.

"Earlier this year, the American Bar Association declared that Bush's use of signing statements was 'contrary to the rule of law and our constitutional separation of powers.'

"Last month, the nonpartisan Congressional Research Service concluded that Bush's signing statements are 'an integral part' of his 'comprehensive strategy to strengthen and expand executive power' at the expense of the legislative branch.'"

New blogs helping to create community among NOLA evacuees [Sep 25 06]--All right!

You may remember that I called for use of the Neighborhood America program after Katrina to help preserve and strengthen neighborhood cohesion among those evacuated from New Orleans. Sadly, the city hasn't done that (it's not too late, Mr. Nagin), but several New Orleans evacuees have taken matters into their own hands, creating blogs to help neighbors keep in touch with each other and to weigh in on important issues about the city's future.

Highlighted in this article was Karen Gadbois'
NorthWest Carollton blog, which she and other residents of that neighborhood used, among other things, to successfully fight Walgreen's attempted land use variance. It's inspiring to read their mission statement:

"We are a Post Katrina organization formed to celebrate the fact that postKatrina we still had neighbors and to advocate for our historic neighborhood and its people. We feel it is important to address all issues of planning, recovery and building. We revel in the diversity of our neighbors and the diversity of our historic housing stock. We have homes for every taste and income level. We have been gifted with commercial neighbors who respect the fact that they border our historic neighborhood.

"'We are the next coolest neighborhood in New Orleans.'"

With that kind of spirit, we don't doubt it, Ms. Gadbois.

The article mentions that there are
more than 100 New Orleans-centered bloggers, and that many of them recently held a face-to-face meeting as part of the Rising Tide conference (gotta love them clenched red fists!). Another of the bloggers singled out is Xavier University theologian Michael Homan, who chronicles his problems with his insurance company:


"'I use my blog to put a human face on what's going on in New Orleans,' said Homan, a theologian at Xavier University, 'so that friends and family and (residents) scattered around the country can see what's going on. It's also very cathartic. I get a lot of support from people who read it.

"'But I also use it get and share advice,' he continued. 'I've had people from all over the country contact me and exchange information about engineering reports and insurance companies."

"The blog pulls Homan and his readers into the city's reconstruction.

"'The rebuilding of New Orleans becomes a great way for us to keep tabs, as a system of checks and balances, on these fat cats,' he says, referring to city leaders and developers. 'Blogging gives us a voice.'

"'The potential,' Homan said, 'is incredible. We haven't even scratched the surface.'" (my emphasis)

"Modern life has created a world where people don't have as much face-to-face interaction as they have in previous decades. Blogging, while a solitary activity involving one person and one computer at a time, has allowed people to organize.

"'It's helping create communities of interest,' he said, 'and that's what we're seeing here.'"

Reporter Ray Bragg also includes extensive quotes from Howard Rheingold on the significance of action-oriented blogs, including this:

"'We are at a significant crossroads,' says media critic Howard Rheingold, who contends the Internet is poised to become as important to civilization as the alphabet and the printing press.

"'The advent of the Internet and the availability of many-to-many publishing, via cell phone, text messaging and other devices, has lowered the threshold for collective action.'"

IMHO, Mayor Nagin, despite his background in the telecommunications industry, is like other elected officials in either ignoring the power of networked personal communications (I exempt from criticism, of course, my terminally with-it jr. senator, The Hon. John Forbes "Facebook" Kerry) or who shun it because of (legitimate) fear that it will empower their constitutents and allow them to circumvent the politicos to communicate among themselves. Mr. Mayor: the battle is over, you've lost control of the flow of information, and it's about time to embrace using networked communications to make the public full partners in the rebuilding effort.

Mark Lombardi [Sep 17 06]--et al.: Mark Lombardi died in 2000, but mapped 9/11 networks!

I'd never heard of Mark Lombardi, nor seen any of his art, until reading a Boston Globe Arts Section special on 9/11+5, in which the paper's new art critic, Ken Johnson picked it as his choice as all the paper's critics "discuss the single work they believe captures the world as we live in it now, five years later."


Considering the fact that
he committed suicide in 2000, and thus never even experienced 9/11, Lombardi, IMHO, certainly anticipated the tangled web in which we find ourselves today (anyone wondering why the prominent Saudis were allowed to fly out of the US during the time when all civilian air travel was hypothetically grounded after 9/11 need only look at this small portion of a Lombardi drawing that shows how few degrees of separation there are between George W. Bush and Osama bin Laden!). Had he lived, I'm certain his, not Valdis Krebs', would have been THE go-to visualization of the terrorists' network (no slight to Krebs: he just lacks Lombardi's visual flair.

I've now learned that Lombardi, an art historian by training, didn't become an artist until he was in his 40s (sad to say, given my professional interest in social networks, he and I were probably at Syracuse University at the same time, he as an undergrad, and I as a grad student. Even though I visited the art school's gallery frequently, we didn't connect, and that I profoundly regret), and was a fascinating blend of artist and investigative journalist. As
his New York Times obit explains:

"He liked to say that his drawings were probably best understood by the newspaper reporters who had covered the scandals he diagrammed.

"Sometimes measuring as much as 10 feet across, these drawings nonetheless had tremendous visual verve, delicately tracing the convoluted unfoldings of contemporary morality tales like the savings and loan scandal, Whitewater, Iran-contra and the Vatican bank scandal.

"The small circles in his drawings identified the main players -- individuals, corporations and governments -- along a time line. The arcing lines showed personal and professional links, conflicts of interest, malfeasance and fraud.

"Solid lines traced influence, dotted lines traced assets and wavy lines traced frozen assets. Final denouements like court judgment, bankruptcy and death were noted in red.

"Mr. Lombardi, who was born in Syracuse in 1951, received a bachelor's degree in art history from Syracuse University. After graduating from college he moved to Houston, where he worked briefly as an assistant curator at the Museum of Contemporary Art.

"Mr. Lombardi ran a small gallery while making abstract paintings on the side. He began making his drawings in 1993, inspired by a doodled diagram he had made while talking on the phone to a banker friend about the savings and loan scandal.

"Reading several newspapers a day, he culled his information entirely from published sources, keeping track of the articles with a card file that eventually held over 12,000 cards."

As Ken Johnson wrote:

"Ever since the United States invaded Iraq in what seemed to many a puzzlingly indirect reaction to Al Qaeda's 9/11 terrorist attacks, questions about the Bush administration's real motivations have been a matter of debate and speculation. Was the purpose really to spread freedom and democracy, or were there other unacknowledged plans? Many people who knew Lombardi and his work have wished he were still around to connect the dots. But that misses the larger point of his art.

"Part of the experience of Lombardi's drawing is a kind of narrative thrill, not unlike that of novels by Thomas Pynchon and John le Carre. Discovering the shadowy interconnectedness of what you would have thought were totally unrelated people and agencies can induce paranoia, but it is also curiously satisfying; the world starts to make a kind of cosmic sense. Lombardi's works are near-perfect weddings of aesthetic form and worldly content. (my emphasis)

"The drawings leave out a lot of information, and they raise as many questions as they answer. Their broad, untouched areas of white paper are metaphorical as well as literal: You have to fill in the blanks for yourself. So the viewer is thrown into a philosophical quandary: Is the truth out there, a discoverable empirical order? Or do we project the truth by means of our own stories and fantasies and according to our aesthetic predilections onto an otherwise chaotic reality?

"After 9/11, that philosophical quandary took on a more than theoretical urgency. Lombardi did not predict the attacks on the World Trade Center and the Pentagon or the US invasion of Iraq, though you get the feeling that had he lived he would not have been surprised by either. What he left for the future was an exemplary method for making sense of the bewildering and scary new world so tragically ushered in by the events of Sept. 11, 2001."

You can say that again!

Lombardo's work speaks to me on two levels: selfishly, as Hal Newman of Team EMS and I prepare to launch our social network mapping service to companies, it's a reaffirmation of how a social network map can illustrate connections far better than a dry narrative. As a world citizen, it's a reminder that, even if George W. Bush forgets it, we are all interconnected already and we'd damn well better find solutions to complex issues that reinforce those ties for mutual advantage rather than to pursue short-sighted politicies that fray them.

BTW, the section of one of Lombardi's drawings that Johnson chose to illustrate his article was from
Banca Nazionale del Lavoro, Reagan, Bush, Thatcher, and the Arming of Iraq, 1979-90." Come to think of it, as amazing as the drawing is, all you have to do is read the title and you understand why we're in such a mess in Iraq: the insurgents are shooting our guys and gals with guns we paid for!



Ten 21st century disaster preparation tips the officials won't tell you [Aug 28 06]--The advent of 21st century personal communications devices and services, particularly camera phones with GPS capability, GPS devices in your car, P2P software such as mesh networking, or social networking services, mean that it's now feasible to have two-way sharing of real-time, location-based information that could save your life in a crisis.

You won't find these tips about how to capitalize on those devices and applications on Ready.gov, or other federal, state, and/or local preparedness sites. In some cases it's because the services described below are private sector ones that government agencies can't endorse. More likely, most government agencies are clueless that these services exist (for example, it wasn't until I told them about DCERN that DHS officials realized it existed, even though it operates literally in their own backyard).

So here are ten 21st century disaster and preparedness tips from Stephenson Strategies that you won't see on the official lists of things to do to prepare for a disaster or terrorist attack, but that you and your neighbors should implement NOW, so that you'll be prepared to act intelligently and calmly if you find yourselves on your own:

  1. now that thumb drives cost less than $10 ($7.95 at Staples this week), put your family's medical records (if you can get them from your physician in digital form) and other vital documents on them and attach it to your keychain so you'll have them with you at all times (encrypt them with TrueCrypt for safety).

  2. buy a pair of family-radio (FRS) walkie-talkies (under $20 at discount stores) for emergency communications. Use them to set up a volunteer, self-organizing community emergency communications network similar to the DCERN one in Washington DC

  3. add your FRS emergency network to National SOS radio, which links local FRS networkswith ham operators for a comprehensive, low-power emergency communications network.

  4. subscribe to the XML feeds from the National Hurricane Center so you'll get real-time information on hurricanes.

  5. buy a solar charger for your laptop so that you'll have a portable electric supply with you at all times.

  6. download the free CUWin mesh network software and burn it to CDs to share with your neighbors, so you can create a self-organizing, self-healing mesh network with neighbors even if your Internet access is lost in an emergency.

  7. if Sirius (NYC, Ch. 148; Boston/Philly, 149; LA, 150; Chicago/St. Louis, 151; Balt/DC, 152; Atlanta/Miami, 153; Dallas-Ft.Worth/Houston, 154; Detroit,Pittsburgh, 155; SF/Seattle, 156; Orlando/Tampa-St. Pete, 158) or XM Satellite Radio (Boston, Ch. 210; NYC, 211; Philly, 212; Baltimore, 213; DC, 214;  Pittsburgh, 215; Detroit, 216; Chicago, 217; St. Louis, 218; Minneapolis, 219; Seattle, 220, SF, 221; LA, 222; San Diego, 223; Phoenix, 224; Dallas/Ft. Worth, 225; Houston, 226; Atlanta, 227; Tampa, 228; Orlando, 229; Miami, 230) provide real-time, location-based weather and traffic channels for your area, subscribe. XM has a special emergency channel, 247, that's activated in an emergency.

  8. Use the structure and information of the KatrinaHelp wiki as the starting point to establish a self-help wiki before the hurricane hits, and add to it as the situation evolves

  9. Get all your family and friends to join Pheeder. In a crisis, you'd only have to send a single phone message to let them know you're alright (Dodgeball.com can do the same thing via SMS message, but only serves a few cities at this point.

  10. After a disaster, cobble together a Google mashup similar to Garbage Scout, using your cameraphone, to alert authorities to where there are elderly/disabled persons who need extra help.
Polls have shown that not only has government failed to prepare for the next natural disaster, terror attack, or pandemic -- we're to blame as well (and don't forget that there's even less chance in the future that you'll be able to count on government assistance in the first 72 hours.

These self-help actions are practical today, using technology in your hands. Please try them -- and tell your friends, ASAP.  Thanks.



Networked Homeland Security: cheaper, more flexible – and inevitable [Aug 20 06]--News that at least 3 loosely-networked cells were involved in the thwarted UK plane bombings should be a wake-up call to the U.S.: we could face the same networked threat here.

A 1996 study, The Advent of Netwar, showed terrorist groups are loosely linked instead of hierarchical, so the Defense Department's anti-terrorist strategy now matches that threat. As the study said, "Logically, fighting a networked enemy requires the US to form networks to fight networks, and decentralizing operational decision-making authority."

However, Katrina showed DHS was inflexible, lacked redundancy, reacted slowly to changing conditions, and, when chain of command was interrupted, individual components couldn't adapt and become self-directed. So why does the Department of Homeland Security still emphasize top-down, command-and-control strategy at home a year later, especially if, as the Administration argues, we may face the same terrorist groups here (plus natural disasters exhibiting the same unpredictability and disproportionate impact on the most vulnerable)?

Convergence of 3 social and technological network trends: networked enemies, the new science of networked social behavior, and widespread adoption of networked personal communication, make a networked anti-terror and disaster strategy as or more relevant at home, particularly to productively involve the public.

The science of networked behavior is the least understood of these trends. Studies of ant and bee behavior discovered more sophisticated synergistic behavior by a colony or hive "emerges" than is predictable from individual organisms' abilities. Now, management consultants say we can and must foster the same phenomenon in human society, stimulating flexibility, robustness, and self-organizing – 3 qualities missing in Katrina and terrorism prevention planning.

Remember 9/11. The only effective response was the epitome of emergent behavior: total strangers spontaneously coalesced on Flight 93. Similarly, individuals came together via the Internet during Katrina, providing invaluable and reliable information and services to victims while government was impotent.

The final factor is the rapid spread of increasingly networked (especially peer-to-peer) personal communications devices, including camera phones, GPS devices, and 'mesh' laptop networks linking automatically (even without an Internet connection).

Human nature dictates that people can and will use them in a disaster. Those who knew to send text (not voice) messages could still communicate in Manhattan and New Orleans during the disasters: text uses little bandwidth and routes around disruptions. People already spontaneously send cameraphone photos of crimes to police in time to apprehend suspects. Some new real-time traffic alert systems rely on digital reports from users' cars at an accident scene.

However, having many individuals with communication devices does not assure emergent behavior: they must interact. Collaborative software programs, such as wikis, and social networking services foster interaction, and people are already familiar with them, so they could instantly switch to sharing emergency information in a crisis.

Networked homeland security is feasible today, cheaper and quicker to deploy using existing technology than dedicated government emergency communications systems. By facilitating those qualities needed in a crisis -- flexibility, robustness, and self-organizing -- it would transform the general public from victims, waiting for aid that may never come, into self-reliant components of the response.

So why doesn't the government embrace networked homeland security? In part, it probably is because officials fear they would no longer control information flow, or people's response.

However, given networked personal communication devices and the science of emergent behavior, government probably has already effectively lost control of information flow in a disaster. It can either capitalize on this phenomenon, finding innovative ways to treat the public as full partners in both anti-terror and disaster preparation and response -- or we will simply take matters into our own hands.

Networked Homeland Security: transforming the public from pawns to partners [Jun 17 06]--I will discuss a new paradigm for homeland security strategy that directly addresses many of the problems brought to light by Katrina, and one in which each of us will play a role.

It's called Networked Homeland Security. Or, as I sometimes call it when I'm trying to get a rise out of someone who is threatened by chaos, "
smart mobs for homeland security," a term derived from a book by futurist Howard Rheingold in which he says "Smart mobs emerge when communication and computing technologies amplify human talents for cooperation."

I've advocated networked homeland security for several years, but find that decision makers are now more willing to consider it in the wake of Katrina. As one former DHS official said, we're more willing to consider creative approaches having seen how badly conventional ones failed.

We'll  debate the specifics of what went wrong for years, but what's clear is that conventional thinking failed miserably during Katrina. Shamefully, Americans died needlessly as the result, and an entire region still suffers.

In one of his first postmortems, Sec. Chertoff acknowledged this failure, saying that "the unprecedented nature of the disaster makes it necessary for Washington 'to break the mold' and create a new mold."

Mr. Secretary, you're right that we need to break the mold. You're wrong when you say that we need to create a new mold.

Molds work fine for jelly, but when it comes to fast changing, unpredictable situations, whether they be terrorist attacks or global commerce, molds constrict your ability to react quickly, to turn on a dime when one tactic fails and try something else. We need to let that jelly ooze!

Coming from New England and being a history buff, I'm reminded of an event in my area during the spring of 1775 in which a few brave men broke all the molds (and were roundly criticized for it, by their gentlemanly adveraries, for not playing by the supposed rules). This time around, I'm afraid we're the ones marching in formation and following the "rules." Its our opponents, be they
Al Qaeda, Katrina or the looming flu pandemic, who, like the Minutemen, are networked, elusive, and quickly regroup and try something different.

This is a lesson the US military has already learned in dealing with terrorism.
John Arquilla and David Ronfeldt, starting back in 1993, have steadily refined the concept of netwar. They write that the information revolution is "altering the nature of conflict across the spectrum." It often gives small groups who communicate, coordinate, and conduct their campaigns in an networked manner, without a precise central command, an advantage over hierarchical forms. Logically, Arquilla and Ronfeldt say that it takes a networked defense to fight a networked offense. Their approach is now an accepted part of Pentagon strategy.

Yet, as we saw during Katrina, the other portion of our defense against terror, homeland security, doesn[base ']t seem to have learned the netwar concept.  Their approach was centralized and hierarchical, didn't seem to sense that the circumstances on the ground required a change in tactics, and was unable to redeploy forces rapidly.

It's time to apply the networked approach to homeland security as well. The time is right, because of the convergence of three important aspects of networks.

First is the situation we confront. Whether the "opponent" is a terrorist group, natural disaster, or a flu pandemic, they share several characteristics: their behavior is hard to predict from past experience, they're opportunistic, strike particularly at the most vulnerable, and, invariably, draw in the general public.  
Logically, as with the netwar concept, to be effective, we need a response that has the same characteristics as these situations.

Arquilla and Ronfeldt noted in the early '90s that the information revolution favored networked strategies. That is even more the case today. The second aspect of the evolution of networks arguing for a networked strategy is the nature of the communications technology that you and I increasingly use on a daily basis, from cell and camera phones to Wi-Fi laptops and GPS in our cars. Unlike the mass media, these devices are increasingly based on Internet Protocol and are packet-based. That means the resulting networks are decentralized, self-organizing and self-healing -- they don't depend on central authorities or facilities and are less dependent on fixed infrastructure that might be damaged in a disaster.

This common format also means that information from them can be blended and combined, into new hybrid forms of rich information. And, as the growing number of Google Map "mashups" shows, communication is increasingly providing actionable information in a real-time, location-based format. That can be critical in a crisis, when it's vital for authorities to know what's happening and where -- right now -- not what they'd predicted might happen in planning exercises.

Finally, unlike government communications networks that are only upgraded sporadically, these personal devices are constantly upgraded. Each time that they are, smart entrepreneurs find new applications and services to exploit that new power. Instead of having to create a stand-alone emergency communications system, we can leverage those private sector solutions, with whom the public is already familiar, in a crisis.

Finally, the third component of networks -- and the least understood -- is the growing body of science about the sociology of group behavior made possible by networks. In a social network, individuals are free actors, they're not controlled by a hierarchy, but loosely linked. And, the power of a network increases exponentially, because of the number of subgroups that can form within the larger one. Particularly important is research at the Santa Fe Institute and other places on "
emergent behavior." First observed in ant hills and bee hives, we now know humans are also capable of emergent behavior:  a higher level of collective behavior -- and combined intelligence -- that can't be predicted from individuals' behavior: the group becomes a highly-capable "superorganism."  All these aspects of social networks mean the general public can be a potent and effective asset that in homeland security or disaster response.

Combined, these 3 elements of networks:

  • the need to combat a networked enemy with a network
  • the growing power of self-organizing, self-healing personal communications networks
  • the understanding of the synergistic power of networks
constitute the ideal solution to the problems we saw during Katrina: the potential to turn the public from pawns to be herded about into full partners in preparation and response. And, to add some immediacy to the situation, we have the unprecedented threat of a flu pandemic. As I wrote last week in Network World, only an unprecedented use of collaborative technology and an unprecedented level of collaboration will get us through this looming crisis.

Due to our time constraints, I can't explain precisely how this kind of system would work. If you go to my blog,
stephensonstrategies.com, you can learn more about the technology and the sciene of emergence and how the network would come together. However, let me give you just a few examples of how such an ad hoc, networked  system might work in practice, to demonstrate that it is practical today and would be ideally matched to the challenges we face.
  • While government debates the next generation of emergency communication, a grassroots network here in the District of Columbia, DCERN, has blanketed the region with a no-cost, self-organizing emergency communications network using $15 walkie-talkies. Even better, they've just merged with a national group of ham operators to create the National SOS Radio Network -- which can function even when broadcasters and other expensive fixed communications systems fail.
  • There is a growing number of location-based, real-time information providers such as Dodgeball.com, a social networking service; XM Radio's Emergency Alert 24/7, and, my personal favorite, GarbageScout, a Google Maps mashup that helps New York City residents find usable furniture off the street.  In an emergency, all of these services could switch to providing valuable, location-based information that would eliminate the need for one-size-fits all evacuation plans such as the ones that snarled Houston traffic during Rita. Equally important, ad hoc groups could use these tools to fend for themselves on a neighborhood-by-neighborhood basis, and communicate with other ad hoc groups.
  • Individuals who happened to be on the scene during the lead-up to a terrorist attack or during a disaster could, with a simple interactive process, provide valuable information to authorities via a cameraphone -- while the process could be designed to siphon off the trivial or hate-motivated tipsters.

Let me conclude with a warning to government: there really isn't a choice whether to embrace this kind of networked homeland security system. Given the power of networked communications and the science of emergent behavior, government has already effectively lost control of the flow of information during emergencies. We the people have the power at our fingertips to network -- and human nature dictates that we'll use it in an emergency. Also polls have shown that the public has lost faith since Katrina in government's ability to protect us and, simultaneously that we're taking more steps to prepare to help ourselves. Bottom line: government can either capitalize on networks and treat the public as full partners in prevention and response, or we will simply take matters into our own hands and circumvent government.

In fact, that's already happening as we prepare for a flu pandemic.

When governments worldwide failed to plan ahead in time, an ad hoc team of volunteers took matters into their own hands and created
FluWiki. It quickly became the world's most comprehensive source of information on the issue, as well as a forum for concerned individuals to help each other prepare. The fact that it's self-organizing and anyone can post to it means that inevitably, FluWiki contains some erroneous information. However, other individuals are also empowered to correct those mistakes quickly, without having to go through a convoluted agency approval process. In a situation that is evolving as rapidly as this one, that could literally mean the difference between life and death.

Networked homeland security has the potential to overcome the public's skepticism about government, to make the public powerful auxiliaries to first cresponders -- real partners instead of pawns -- and to provide the flexibility and "collective intelligence" needed to cope with fast-changing, unprecedented threats, from terrorists to disasters. Now the only question is whether government will capitalize on it -- or be swept aside as the people take things into their own hands.



Cybersecurity Strategy: from Hierarchies to Smart Swarms : address to the Boston University Center for Reliable Information Systems and Cyber Security [April 10, 2006]--Thanks for the kind introduction.  But let me tell you a little more about myself: not out of egotism, but because people like you and people like me don't always get a chance to talk to each other.  I think that one of the vital functions of the Center for Reliable Information Systems and Cyber Security can and must be to bring us together for mutual benefit.

What I have to say about my background may leave you thinking that you're attending the wrong conference. Bear with me -- I think you'll see why how I think and what I've done, and the types of insights that people similar to me bring to the cybersecurity issue, may alert you to some aspects of it that are typically not the focus of traditional security programs -- but which I argue must be as we face networked enemies in a networked age.

Now for those three things about me that may make you look at your challenges differently.

  •     The first is that I'm an environmentalist.
  •     The second thing is that I am a political liberal.
  •     The third thing is that I'm right-brained and intuitive.
Before you get too worried, let me explain why these things relate to your work.

First, truth to tell, I'm not quite as ardent as an environmentalist as I was earlier this winter -- especially when it comes to recycling! That's when some good soul at the Worcester Telegram and Gazette decided to do the right thing and put some paper from a faulty data run on Boston Globe subscribers' bank or credit card records in the recycling box. That paper ultimately was used to bind copies of the Sunday T & G, which meant that thousands of us unwittingly had our credit card and/or bank account information exposed to potential identity thieves. The papers had all sorts of elaborate data protection systems in place, but ultimately one well-meaning individual undid them, putting us at risk.  As a result, many of us who hadn't been affected by Bank of America, Citibank, Mastercard, DSW, Wells Fargo, and Washington Mutual -- to pick only a few of the past few year's data security scandals -- have now joined those victims in losing faith in the private sector's ability to protect our privacy and our financial information. 

I'm not alone in this skepticism: a 2004 Harris poll showed that:

  •  87% indicated that they had asked a company to remove their information from a marketing database.
  • 65% had declined to register at an e-commerce site because of privacy concerns.
Secondly, as I said, I'm a political liberal.

One of the ways that manifests itself relating to cybersecurity is in my outrage that President Bush, on one hand, trumps the Constitution by unilaterally authorizing domestic wiretaps without going to the FISA Court for authorization. As we found out last week, on the other hand, he can unilaterally  declassify information in order to leak it for political reasons.

That, combined with my suspicion that one of America's most recognizable politicians, Sen. Ted Kennedy,  was put on the No-Fly list, and had a heck of a time getting off, has eroded my confidence in the objectivity and protections in government data collection and mining.

Again, I'm not alone. in a January ABC/Washington Post poll:

  • 64% believed that federal agencies were intruding on Americans' privacy rights in investigating terrorism.
  • 44% were worried that the Bush administration would go too far in compromising constitutional rights in order to investigate terrorism.
Combined, these manipulations of data mean that, beyond the objective challenges you face to improve cybersecurity, you now have an additional burden that's not in your job description: convincing many of us that cybersecurity isn't highly fungible, subject to threats ranging from unintentional sabotage by well-meaning recyclers to sloppy management practices to political manipulation at the highest levels that make a mockery of lofty statements such as the National Strategy to Secure Cyberspace.

Even worse, in the eyes of the general public, these incidents are cumulative. The real differences between improper use of personal financial data by industry and governmental data by security agencies are blurred if not forgotten. One breach becomes the same as another, and everyone gets tarred with the same brush. Is that fair? No, but you must deal with it.           

Now, for the third thing about me that relates to your mission.  I was attracted to the homeland security field after 9/11 for reasons quite different from most of you. 

I  want the people who analyze data that might be relevant to national security and critical infrastructure protection  to be like you: detail-oriented, methodical -- and willing to keep at it day in and day out, year after year.

By contrast, I'm not a demon for process, procedure and accuracy. What attracted me to this field was the concerns raised soon after the terrorist attacks about "failure to connect the dots," to find patterns between seemingly unrelated information, find holistic solutions to complex problems that interweave many seemingly dissimilar threads.  That's something that, because of my right-brained, intuitive approach, is second nature for me. In fact, I had connected the dots for Fortune 50 companies during many years as a private sector crisis consultant. I suspect that, just as what you do day in day out is black magic to me, you might find what I do to be of little or no interest -- or just plain mysterious.

So why are the differing ways that I suspect you and I process information relevant to your challenges?  Four years ago, after speaking at a homeland security conference in DC, I found myself sitting at lunch  with 8-10 veteran civilian DoD analysts. At some point during the lunch -- don't ask me why: maybe the chicken was bad -- their conversation turned to Myers-Briggs personality profiles.

It was not surprising to me at all to find that, with only minor variations, these men and women were almost all the same Myers-Briggs profile: Introverted, Logical, Thinking, and Judging, or (ILTJ) -- ideal personality types for analysts and detail-oriented challenges. I suspect that many of you, if you've had a Myers-Briggs, found that your own thinking styles were similar to theirs.

By contrast, it's no wonder that the physical and cyber security fields don't have many people like me -- the ILTJ's polar opposites: ENFPs: Extroverts, iNtuitive, Emotional and Perceiving. One description of ENFPs will give you an idea of the problem:  "ENFPs may find it difficult to work within the constraints of an institution, especially in following rules, regulations, and standard operating procedures. More frequently, institutional procedures and policies are target to be challenged and bent by the will of an ENFP".

So, why the heck are my quirks relevant to the Center for Reliable Information Systems and Cyber Security's mission of "fostering collaboration between researchers from different colleges, building partnerships with industry and other colleges, and reaching out to the community to increase knowledge, awareness and education in cyber security"?

Because we face challenges unlike any we've faced in the past. We must respond in different ways, ways that will require the ILTJs and ENFPs, the political liberals and conservatives, the security skeptics and the security hard-liners.

Think about the current security threat. It's not a group of programmers in a 1960's-style Soviet gulag working in lockstep to break our codes because their very lives depend on it. Instead, it's:

  • a motley crew of teenage hackers in bedroom communities whose motivation is the intellectual challenge of cracking a system
  • organized crime rings in Eastern Europe
  • Islamic fundamentalists with an ideological zeal to bring the Great Satan to its knees.
  • and many others
The fact that they aren't tightly integrated in a hierarchical chain of command, and,  in fact, may be as contemptuous of each other as they are of us, is irrelevant. It is the cumulative impact of these self-organizing, self-directed networks that makes them so effective. In part that's because a networked enemy can not only use a technology network such as the web to communicate between themselves, but also is more effective than a hierarchy could be in bringing down that very network, because they don't concentrate on a single point of failure, but on multiple points at the same time.

The Pentagon realized the transformative role of networks in the 1990's, due to the work of  two Rand Corporation researchers, John Arquilla and David Ronfeldt. In 1993, they coined the term "netwar."

Arquilla and Ronfeld wrote that the information revolution is "altering the nature of conflict across the spectrum." Communications technology gave small groups who communicate, coordinate, and conduct their campaigns in a networked manner, without a precise central command, an advantage over hierarchical forms. Logically, Arquilla and Ronfeldt said that it takes a networked defense to fight a networked offense. Their approach is now an accepted part of Pentagon strategy.

The second aspect of the evolution of networks arguing for a networked cybersecurity strategy is the nature of the communications technology that you and I increasingly use on a daily basis, from cell and camera phones to Wi-Fi laptops and GPS in our cars. These devices are increasingly IP- and packet-based. That means the resulting networks are decentralized, self-organizing and self-healing -- they don't depend on central authorities or facilities.  It also means that they are increasingly ubiquitous, combining more types of information into a unified whole, and therefore a more inviting target to hackers and terrorists, because disrupting them will affect every aspect of our lives. And, the more disparate elements are interwoven into the network, the more opportunities, especially at the fringes, present themselves for disruption, hence the growing concern about cell phone viruses, PIN thefts, and related threats outside the firewall that can trigger problems behind the firewall.   
The final networked component, and the one that I hope becomes a key strategic focus of the Center for Reliable Information Systems and Cyber Security, is networked behavior.

I argue that the key to robust security in a networked age is networked thinking, and that's where melding the diverse talents, insights and priorities of the intuitive and intellectual, liberal and conservative, must come into play.


We must replace the old hierarchical, topdown model with a  bottoms-up one dominated by smart swarms.

In case you haven't heard the term, it is the outgrowth of research at the Santa Fe Institute -- home of much of the pioneering work on chaos and complexity theory --  on  emergent behavior, first observed in lowly ant hills and bee hives, and now found in human society as well. 

Emergent behavior is a phenomenon in which a higher-level of behavior and thinking spontaneously emerges from the acts of a large number of individual actors -- action that is more than the sum of its parts.

I'm happy to report that emergent behavior is already playing a critical role in cybersecurity.

We saw a dramatic example of this phenomenon just last week. 

Coverity (a firm that does automatic analysis of code to quickly identify defects that might cause catastrophic crashes), Symantec, and Stanford have a contract with the Department of Homeland Security to analyze defects in open source products such as Linux, Apache, and my SQL. Why? Because these programs are so widely used today, so flaws in their code might be exploited by cyberterrorists. 

Last week, as the program got up to speed, Coverity released initial results that were dramatic proof of smart swarms' virtues:

  • In the first seven days after it was publicly announced, more than 200 open source developers registered to gain secure access to the online defect database that Coverity had compiled.
  • This smart swarm of independent developers fixed more than 900 defects during the first week, more than 5 bug fixes per hour.
  • Samba, a widely used open source program used to connect Linux and Windows networks, showed the fastest developer response, reducing software defects from 216 to 18 in the first seven days!
  • Perhaps the most dramatic example was the Amanda backup and recovery software project. During that week, its developers eliminated all software defects that Coverity had found. In fact, they quickly released a major version, 2.5, to mark the fact that 0 outstanding defects remain.  
Contrast that rapidity of response with what would seem on surface to be a much more easily-revised program: Windows. After all, Microsoft has many more coders on its staff and it can order them to make changes or lose their stock options rather than having to cajole a bunch of free agents and free spirits with only pizzas to offer as inducements, as is often the case with open source projects.

The evidence is incontrovertible: Smart swarms improve cybersecurity.

In the new security paradigm, not only will we use smart swarms to improve the security products themselves, but the resulting software will also encourage smart swarms when they are applied, as well.

It's too bad that Charles Jennings of Swan Island Networks couldn't be here to describe in depth the work they've done in this regard. It ain't no coincidence that one of the company's two primary products is called SWARM: Jennings is very much a pioneer in applying emergent behavior to software.

SWARM®  is an over-the-Internet communication system that allows a central authority to maintain persistent control over highly sensitive information, rich media (text, audio, video, dynamic mapping, etc.) and alerts while distributing it to trusted users on a real-time basis. SWARM also introduces robust security features for non-repudiation and security monitoring -- all within a dynamic, components-based security framework.

Perhaps most innovative is a unique "poison pill" content erasure feature -- not unlike the Mission Impossible self-destructing tapes, making it ideal for coordinators during an emergency to, for example, give short-term, limited access to classified information to individuals who don't have security clearance but who must have that data at that precise moment to cope with a situation. The issuing authority can impose limits on whom, if anyone, the recipient can share the information with, and how long they can possess it -- at which point the data vanishes.

Each SWARM  includes a closed-loop, highly secure "last mile" connection to a unique community of known users, making it easy for individual swarms to federate with each other, and to exchange information in standard data formats.

Fighting terrorism or disasters requires rapidly evolving collaborative action among players who may, under normal circumstances, be separated by organizational, jurisdictional, and IT boundaries. SWARM can actually provoke higher-level, smart swarm behavior by enhancing communication pathways among members of these ad hoc, yet trusted, communities of users. It does this by adhering to a few simple rules about information access and targeting, by integrating rich feedback loops from individual members, and by issuing new software releases every 90 days, co-evolving with  its users.

I've been called a visionary, but I'm also a realist. 

Building the kind of smart swarm approach to cybersecurity that I've described won't be easy. We right- and left-brained people see the world, and our jobs, in fundamentally different ways. We process information differently, and we speak differently. We don't always understand each other.

Yet, I argue that we have no choice but to collaborate and overcome our differences. The nature of the networked enemy we face requires the best of both of us: your attention to structure and detail, and our attention to how those dots fit together. The threats will change constantly, as will the tools both we and our opponents will use. Only through a flexible, dynamic and robust networked strategy will we be able to counter the flexible, dynamic and robust network enemy we face.

I, for one, look forward to the challenge, and to working with you.







W. David Stephenson is a leading homeland security and crisis management strategist and theorist. He created the "Pandemic Flu Survival Guide" as well as the "Terrorist Survival" suite of programs that put all the information necessary to prepare for and/or respond to a terrorist attack in an easy-to-use data base for handheld devices. He also consults on:

* innovative use of technology, especially to leverage the billions of dollars of mobile communications technology, from cell phones to Wi-Fi laptops, that is already in individuals' hands
* how to create "smart mobs" that can fend for themselves
* community education and empowerment
* win-win collaborations between government and the private sector that provide both security and economic benefits
* bio-terrorism preparation

Stephenson is a frequent speaker on "outside-the-box" thinking at national and international homeland security conferences. He taught courses in security management and issues in technology and criminal justice in the Criminal Justice Department at UMass-Lowell, and before that, taught internet strategy in the continuing education program at Bentley College.

Stephenson's expertise also includes organizational transformation through the Internet, corporate issue management, and new economic and environmental visions.

His articles on homeland security, crisis management, new economic paradigms, and advanced technology have appeared in publications including Federal Computer Week, Network World, The New York Times, The Journal of Homeland Security, Tech Central Station, The Boston Globe, MassHighTech, Profit, and Collaboration, and The Los Angeles Times. He previously wrote the "Future File" column for the MetroWest Daily News.

Before entering the homeland security field, Stephenson provided award-winning crisis management, community relations, and public relations/marketing services in the environmental and renewable energy/energy conservation fields. Stephenson created Web-based strategies for companies and organizations in the energy, health care, education, development and environmental fields.

Stephenson served on the boards of MassNet, 1000 Friends of Massachusetts, Urban Solar Energy Association,the Charles River Watershed Association, and the Massachusetts Residential Conservation Service. He drafted and won passage of the Massachusetts law requiring labeling of plastic packaging to encourage its recycling.

Stephenson began his career as an associate producer and writer of award-winning documentaries at WCVB-TV. He was speech writer, assistant press secretary and press secretary to former Governor Dukakis, and the Lahey Clinic's communications director. He was vice-president and director of public affairs at one of New England's largest public relations firms. Later, he was a director of strategy services at several leading web strategy and services firms.

Stephenson won awards for New England's best campaigns of the year in public affairs, politics, and crisis management. He earned a B.A. from Haverford College, and a M.A. from the Newhouse School at Syracuse University, where he was a University Fellow.


Previously on W. David Stephenson:


URGENT: with colossal storm hitting West, share my tips!
[Jan 7 2008]


Transparent Government: How Releasing Data and Web 2.0 Applications Can Improve Government Services, Build Public Support and Involvement
[Nov 2 07]


National Information Exchange Model — worth the wait!
[Sep 2 07]


TB case: It all comes down to human issues [Jun 7 07]


10 Homeland Security Technologies to Watch in 2007 [Dec 29 06]


Disaster simulations: getting better, but still no panacea [Dec 2 06]


et al.: my Boston Globe op-ed sparks discussion of virtual regionalism [Nov 16 06]


Centralized emergency communications: exactly WRONG approach [Nov 2 06]


Interactive adventure gaming: cutting-edge fun could pay off in crisis [Oct 17 06]


W. rewrites the minimum quals for future FEMA directors [Oct 12 06]


New blogs helping to create community among NOLA evacuees [Sep 25 06]


Mark Lombardi [Sep 17 06]


Ten 21st century disaster preparation tips the officials won't tell you [Aug 28 06]


Networked Homeland Security: cheaper, more flexible – and inevitable [Aug 20 06]


Networked Homeland Security: transforming the public from pawns to partners [Jun 17 06]


Cybersecurity Strategy: from Hierarchies to Smart Swarms: address to the Boston University Center for Reliable Information Systems and Cyber Security [Apr 10 06]

Stephenson's cool tech tip of the moment:

Spring's here, so put some ICE in your cell phone

I know you’ve all been waiting with bated breath, so the wait is over: it’s time for another “21st century disaster tip you WON’T hear from officials.”It ain’t feelin’ like Spring here in the Hub of the Universe today — cold and with high winds — but the calendar says it’s Spring, so that means it’s time to put some ICE in your cell phone (BTW: if that sentence made an ounce of sense to you, you’re going to have to repeat Logic 101 next semester.).ICE, you see, is an acronym for In Case of Emergency.

It’s a project started by British EMT Bob Brotchie (there’s
now a commercial site dealing with ICETM services, as well) that has spread virally around the world, albeit sporadically.

Here’s the idea:

1. put several ICE listings in your cell directory ICE-1, ICE-2, etc.
2. under each of them put the phone # of another family member or a friend who you’d want called in case of emergency.

If there is an emergency and you’re unable to communicate, first responders will (we hope: the concept is voluntary, so part of your homework, boys and girls, is to let your local officials know about it, so they can make certain police, fire and EMTs know to check the listings) check your ICE listings and then until they’re able to reach one of your emergency contacts, tell them about where you are and your condition, and ask whether you have any particular chronic conditions and/or medications that should be considered in caring for you.

So put some ICE in your cell phone, tell your family and friends to do the same!

Family locator

Sprint has just announced its Sprint Family Locator service is now usable on all Web-enabled Sprint phones. It allows family members to locate other family members — especially children and the elderly. The contacted phones don’t have to be Web-enabled — more than 100 other non-Web enabled phone models sold by Sprint can be used.

The system uses GPS to locate the other phones. For example, according to Sprint’s news release,

“Parents can login on their phone or a PC to locate a child on an interactive map, even when the child is using their phone to make a call or send a text. The service also gives the address, surrounding landmarks and accuracy of the child’s location within a specified radius, along with the ability to click to call or send a text to the child directly from the service. Additionally, the service enables a parent to set Safety ChecksSM at certain landmarks such as a school, home, or relative’s house, at specified times. The parent is automatically notified whether the loved one is near the specified landmark at the set time, providing “hands-off” peace of mind. “

The feature costs $9.99 per month.

Even though this service is proprietary to Sprint, I think it merits inclusion in my list of “21st-century disaster tips you WON’T hear from officials”, because it fosters use of social networks in an emergency, offers a texting option that’s more likely to get through when bandwidth is limited and because it offers real-time, location-based information that can be critical in a rapidly-changing situation — and could foster collaborative response by a family to a crisis, encouraging “wisdom of the crowd” to emerge. I expect other carriers will offer similar programs in the future.







The contents of this site, unless otherwise specified, are copyrighted by © Big Medicine 2001-2009. The news provided is for personal use only. Reproduction or redistribution of the this site, in whole, part or in any form, requires the express permission of Big Medicine or the original source. For questions or comments pertaining to this site, contact the web administrator. Big Medicine is not responsible for the content of external sites linked and does not endorse their content. Advertisers are not responsible for Big Medicine contents, the content of external sites linked and do not endorse their content.