Technology: Deception Detection

A new e-mail surveillance technique decodes unusual word patterns and detects suspicious activity-be it terrorism or corporate corruption

You would think software designed to sniff out lies and deception in e-mails would go crazy once it was let loose on the database of Enron's electronic correspondence. But much of the deception uncovered by a new e-mail surveillance technique developed at Queen's University came not from inside Enron, but from the institutions that helped execute the deals that eventually destroyed the company, says David Skillicorn, the computer science professor who developed the program and conducted the study. “A lot of the Enron e-mail wasn't deceptive because many of the people inside the company didn't think they were doing anything wrong,” he says. “But many of their partners outside of Enron knew they were on shaky ground, and their deceptiveness was reflected in their e-mails.”

Traditional e-mail surveillance software searches for suspicious words or phrases like “bomb” or “gun.” However, knowing their e-mail may be monitored, terrorists or white-collar criminals avoid such keywords. This creates unusual word patterns, which is where Skillicorn's technique comes in. For instance, an al-Qaida terrorist who wants to say “The bomb is in place,” will instead say something like: “The shirt is in place.” That's an unusual sentence, and given enough information, Skillicorn's technique would flag this as potentially deceptive. “People trying to do something unusual–like hide what they really want to say–have a hard time doing it naturally, and that comes through in their e-mail,” he says.

While Skillicorn's technique failed to uncover a smoking gun in 500,000 of the Enron e-mails seized by U.S. federal regulators, it did show that the overall level of deceptiveness within Enron escalated as the crisis reached a climax. As things got worse, e-mails from Enron's employees contained simpler sentences, fewer personal pronouns and more negatives as authors tried to distance themselves from what they were saying, says Skillicorn. “When you are lying in an e-mail, you cut down on the details and use simpler sentences than you would if you are just speaking off-the- cuff,” he says. “This creates a signature for deception that we can track.”

Skillicorn has presented his findings at academic conferences, but has yet to market his surveillance technique to either international intelligence agencies or private-sector companies. The technique is far from foolproof: the use of unusual words in an e-mail could indicate deception, but it could also indicate personal or emotional e-mails whose language is out of sync with dry corporate-speak. “Whether it is something deceptive or something personal, our technique flags a lot of e-mails that you basically wouldn't want your boss to read,” he says. In the post-Enron era, e-mail monitoring is here to stay. Think about that next time you're about to hit the Send button.