The exchange of information during times of crisis/disaster has traditionally been the purview of public safety, the National Guard and other local, state or federal authorities. However, this model is undergoing a change with the availability of new mobile communications capabilities and the rise of social networking sites. The general public can now create and share information about crises as they unfold, and researchers have documented the timeliness and surprising accuracy of this information. As part of a large National Science Foundation funded project, researchers at the University of Colorado are developing tools to extract, organize and assess the flow of crisis related information as posted on social networking sites. With the promise of improved warning and coordination, such tools should help reduce the impacts of large-scale disruptions, including political crises, natural disasters, pandemics and terrorist threats. In this model, members of the public can obtain (and produce) information about an emergency that is specialized to their needs—as well as meta-information specialized for crisis situations— that helps them make judgments about the ever-growing amount of information. Such meta-information includes features of its source; judgments about the authoritativeness of the source; its concurrence (or not) with official sources; its timeliness (as the information may be better than official sources); other spatio-temporal features of the information’s life; and anticipation of who would be looking for this information and why. Data mining and information extraction techniques have a critical place here, as does the creation of trust models and security techniques to offer privacy or possibly anonymity.

However, if mechanisms are provided to enhance the users’ privacy and even offer the capability for anonymous information contributions, it is possible that malicious entities may exploit this anonymity and inject false and misleading information into information streams. It is worth noting that false information could be introduced into the system without these features; it is just that an anonymizing system removes the consequence of being identified. Fundamentally, establishing identity within a networked environment is a challenging problem. For instance, a classic problem within the field of reputation systems is the Sybil attack, which occurs when a single entity establishes a large number of identities, for instance, by adding a large number of nodes to a peer-to-peer network. This has implications on designing reputation systems to detect the injection of bad information by malicious parties, since it is always possible for them to simply add a new identity to the system to counteract any previous misbehavior. Given this fact, we take an alternate approach to determining reputable users and information during an event. We will look at two possible implicit reputation indicators, one using client location services and another using analysis methods based on network graphs and activity within networks. Using network analysis methods, it may be possible to infer location, influence and other attributes based on communication, context and association with others in the network. Data for these methods is available via public application programming interfaces (APIs) from some online social networks. Monitoring these public APIs during crisis situations, we are able to use these analysis methods to infer information about users as the crisis is evolving.

With the development of these tools, we must consider public policy issues that arise from this research. First, we ask what public policy issues emerge as a result of this vision of empirical research and development activities, and how they can be framed using a crisis informatics lens? Investigations of this kind require consideration about how crisis-related data is collected, analyzed and disseminated within the context of current federal and state laws, policies and regulations. Because information aggregation efforts may cross national borders, we will also take into account similar (and often more stringent) laws and policies in other countries. Important questions in this area center on issues of legal precedent, communications-related laws and policies, regulations and authorities regarding information dissemination during disasters and privacy and security issues. Other questions include how the policy context will affect our own information capture and aggregation methods. As an over-arching concern, we question whether it will be possible to design methods for capturing and processing diverse content ethically and in adherence of law, while also not creating new, insurmountable policy issues around information aggregation. Next, we ask what is the risk of legal liabilities that might arise. Who is responsible if the information is wrong? What if the system suppresses the dissemination of vital information? Does this constitute some type of negligence or a failure to adhere to required duty?