GCHQ and the challenges of information management
During the Christmas vacation I worked my way through the 800+ pages of Behind the Enigma – The Authorised History of GCHQ by Professor John Ferris. The history starts at 1844 and goes up to the present day. The level of detail is extraordinarily high though the extent to which GCHQ (working closely with a small number of other national agencies in the Five Eyes consortium) has been able to decipher encrypted communications is only hinted at. Despite the level of detail the book remains very approachable as the author has in many cases taken a thematic and then chronological consideration of the evolution of GCHQ, such as the extended discussion of the international politics of signals intelligence over the period from 1941-1992.
As I read the book (unusually for me line by line) a very clear theme emerged of the constant challenges that GCHQ (and its predecessors) faces in managing the distribution of the information it collects.
These challenges include
- The balance between delivering individual message content and providing summaries of the messages or groups of messages to what it sees as its customers
- The extent to which signals traffic should be integrated with intelligence gleaned from other sources
- Defining the extent to which its customers should be aware of the sources of the message information and their credibility
- Ensuring that budget holders are aware of the human resources needed to assess message content, especially in terms of both national and military (acronyms etc.) languages
- Finding and training specialists in making best use of the technology available
- Anticipating future requirements for intelligence early enough to be able to respond quickly to these requirements emerging with little prior notice
- Having a clear, unambiguous, governance structure so that responsibilities are clearly recognised
I have deliberately listed out these challenges without including the GCHQ acronym because these challenges are identical to those within any reasonably-sized organisation. The ‘individual message content’ referred to above are individual search results that may, on their own, provide only a partial information solution even if they are relevant to some extent.
What also comes across in the book is the importance of building databases of information about people, and about political and military organisations. These databases act as a means of validating the messages and providing valuable context to those who may not be totally familiar with a topic.
Another theme that emerges is that there are no definitive solutions to these challenges. Over the years the influence of GCHQ Directors, the national security governance of the UK and the interests (or not) of politicians have all had a bearing on deciding the best way forward. This is no different to the enterprise, where a change in business direction or the replacement for a senior director can have a major influence on the status accorded to information management.
Because there are no definitive solutions GCHQ has become adept at developing and revising operational and strategic plans on a far more ad hoc basis than would seem to be desirable, but fortunately the calibre of its staff has enabled it to remain at the forefront of global intelligence management.
You do not need to read through the book in its entirety to identify these challenges and how they have been met. Start at any chapter and the challenges are invariably generic to any situation; it is just the management of them which determines eventual success (of which there have been many at GCHQ) or failure (more than might be deemed acceptable) in meeting the objectives of its customers. There are so many lessons to be learned from this book that it should be required reading for any senior information manager.