Biometrics and the Battle With Returning Foreign Fighters

The course of a national security investigation is often complex and there are many potential methods of obtaining intelligence and evidence. One of which, biometrics, is extremely important in investigative counter terrorism. Fingerprints, DNA, iris, voice, palm prints and other systems all play a critical role in identifying suspects. This is often from samples and traces obtained through investigations or in conflict areas, from the recovery of weapons or bomb residue for example. The resulting profiles are central to the process of assessing the threat posed by a relatively new phonemenon, that of jihadists returning to their country of origin. This information is used to confirm or deny that they are the person they purport to be and is a key part of considering how to deal with these individuals should they decide they want to voluntarily return, whether through disillusionment or other similar motive but face lengthy incarceration. 

The International Centre for the study of Radicalisation estimates that the number of fighters from Western Europe traveling to Syria to fight against the Assad government has tripled to around 1,900 since April of this year. However, what is perhaps most disturbing is the number per million of these populations, with Belgium up to 27, Denmark 15, and 6 for the UK. This, combined with the 24th May shooting at the Jewish museum in Brussels where 4 were killed, emphasises the gravity of the situation. In fact, the subject of voluntarily returning combatants is a challenging area, as the security risk they pose ranges from those that could be managed through a disengagement programme, up to those of a higher threat where tools such as TPIMS (Terrorism Prevention and Investigation Measures, UK legislation) would be more appropriate. Those that pose a more immediate and apparent threat will feature on agencies’ priority targeting grids.

In order to evaluate that threat, the first stage in any process would be a robust and reliable assessment of the risk. Hence, identifying and understanding their past activities both while overseas and in their country of origin is heavily dependent on confirming their identity. This involves the assistance of a wide range of agencies and poses questions about issues such as intelligence sharing between European Union member states prior to terrorist incidents, where communication and cooperation appears to have been highly effective and expeditious following such events. Collaboration is key, but under-pinning this type of assessment framework is the need for academic validity and technological support in addition to the assessment method itself and international cooperation.

So, why are countries, like Belgium, failing to systematically identify behaviour exhibited by potential terrorists? Behaviour such as involvement in extreme on-line conversations, associating with others of an extremist disposition, withdrawing from mainstream activities and events, travel to areas of conflict and, when leads are identified, why are further trip-wires, such as unusual purchases, not activated and added to that profile? It appears that systematic associations between linking, alerting and relevant procedures are not as effective as authorities would want them to be. This is further exacerbated by the fact that information and intelligence sharing between states is not as seamless as it could and needs to be. However, modern technology solutions can now facilitate this intelligence-led investigating, enhancing data analysis and collaboration, and allowing agencies to better prevent and detect threats to national security.

Much of this centres around the effective use and analysis of the vast volumes of data held in several forms of intelligence across multiple disparate systems – connecting the dots and building a complete picture can be easier said than done. But modern technology solutions have now been developed that operate on a POLE-type data model (Person, Object, Location and Event) for the storage and recording of incident and entities. The POLE model allows entities to be recorded in the system once. The recorded entities, however, can be linked to other entities and events as many times as is necessary, building up the complete profile and network of associations of the monitored persons. This can be accessed quickly and automatically updated in real-time. Such developments also facilitate investigative and intelligence agencies in collaborating and sharing information, regardless of their international location. This is crucial in tracking modern threats like returning combatants, as they transcend national boundaries.

However, there are inherent challenges in all of these. For example, with intelligence sharing between states, there are serious issues to be resolved such as compliance with the respective legislative requirements and agreements. There are often different assessment and prioritisation procedures and although the designations of the sensitivity of intelligence have European commonalities, how they are interpreted is dependent on a range of factors, including the level of technological support to assist investigators in spotting crucial data and acting on that information expeditiously. The threat posed by returning foreign fighters will continue to develop and evolve, and technology has to be at the forefront of international defence capabilities.


John Wright is Global Director, Public Safety and Justice at Unisys


« Top Tips: How CIOs Should Talk to CFOs


eCommerce Overdose: China's Shopping Addiction »
IDG Connect

IDG Connect tackles the tech stories that matter to you

  • Mail


Do you think your smartphone is making you a workaholic?