How Much Data Does the Taliban Have on Afghans Who Helped Coalition Forces?

Although the Taliban has tried to re-brand itself as a kinder, gentler organization, no one has really been buying it. The prevailing opinion is that they will wear this disguise until they get money from the West, then, all bets are off.

It has already been reported that the Taliban have a “priority list” of people that it wants to arrest, and they are going door to door looking for them. In addition, if those on the list don’t give themselves up, they threaten to kill their families. It’s safe to say, in this case, that the so-called priority list is really a kill list. Don’t expect to get a fair trial from the Taliban since anyone with an AK-47 is judge and jury. In other words, you don’t want to learn that you’re on the priority list. If you are, you’d probably want to get out of the country as quickly as possible.

But, apparently, thanks to an oversight by the U.S. command, the Taliban has gotten its hands on a treasure trove of data that can identify those who helped the coalition forces. Among this information is biometric data stored on a device known as HIIDE (Handheld Interagency Identity Detection Equipment). The devices contain iris scans, fingerprints and facial scans or photos. It’s like having a photo album of everyone who helped the NATO and U.S. forces.

The device holds this information on SD cards and also uploads the information onto servers. The cards themselves likely hold information on local Afghans that were helping coalition troops. The servers hold information on all Afghans who worked with the troops. One device will, therefore, hold only a limited amount of information, but it’s not that limited. A single device can hold 22,000 complete profiles.  However, if the Taliban gains control over a number of these devices, they may be able to identify a large percentage of those Afghans who aligned with the West.

Identifying Afghan partners was not the only reason for using the HIIDE devices. Originally, the U.S. government had a goal to identify 80% of all Afghans to help undermine terrorist attacks.

The information from all of these devices is added to a database which is stored on ABIS servers. Here is the architecture of all of the agencies connected to this database.

Looking at this from a cybersecurity angle, there just seems to be too many ways a nefarious actor could infiltrate this system, if they haven’t done so already. There are simply too many endpoints. Besides, from what I can see, it is possible to pay a fee to tap into much of this information.

In other words, I would suggest that anyone who has ever been associated with the coalition forces, foreign NGOs, or anti-Taliban organizations is in real danger. You will almost certainly be exposed.

Just as worrying is the Afghan Personnel and Pay System developed by the U.S. for the Afghan government to keep track of all the people employed in the Afghan army and police. This is a database of detailed information for all of those Afghans it has ever recruited. Here, for example, is the information available for those who have ever been in the police force.

It doesn’t take much imagination to figure out how the Taliban could coerce those with access to this database to transfer the access to them. But not to worry. If they haven’t got the know-how to access these databases on their own, their new Chinese friends can probably help them. It may have already happened. According to one reliable report, “the UN High Commissioner for Human Rights Michelle Bachelet said the reports of humanitarian and human rights abuses include ‘summary executions of civilians and combat members of the Afghan national security forces’.”

There are, of course, other databases available to the Taliban. The problem was that the government fell so fast that deleting databases was the last thing on most officials’ minds. The U.S. military clearly had no plans in place for their HIIDE devices falling into enemy hands. That said, they may be able to monitor access to their databases more closely, if it is not already too late. Attacks on the servers can be expected.

In the end, we will just have to see if there have been any substantial changes in the Taliban since they last ruled Afghanistan. It seems unlikely that everyone on these priority lists will be given absolution and I certainly would not want to wait to see if I was one of the lucky ones. If it is the case that the Taliban plans to execute or imprison anyone connected to the coalition troops, Afghan army, and Afghan national police, then I would not expect them to allow these people to leave the country, no matter how much U.S. officials promise this will be the case.

Don’t imagine the Taliban will have infinite patience. At some point, they will likely give the U.S. an ultimatum: give us money or you don’t get your people. Paying, in this case, would be paying a ransom and with thousands of people left behind, that ransom could be quite high, so high, in fact, that we will not be told of the exact amount until far into the future because it will be considered as classified information. My guess is that, in order to show how serious they are, the Taliban will have to execute some of these people publicly. That’s when we will know that the new Taliban is the same as the old Taliban, and there will be nothing we can do about it.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s