Emergency Management

Making Sense of the Info Flood – A Social Media Exercise System

Social media is becoming a mainstream outreach and crisis communications channel for crisis and disaster management. Despite this growth, many emergency managers and agencies are not adept at working with Facebook, YouTube, or Twitter. The immediate nature of this medium means that some traditional crisis communication methods do not translate well, and must be adapted. Further, social media serves as a quick and effective method for monitoring public feedback or commentary on a crisis or disaster, and that function can and should contribute to an organization’s situational awareness.

To address this need, the Center for Disaster Risk Policy (http://cdrp.net) has developed a platform to exercise with various social media tools. The Social Media Exercise System (SMEX) is a ‘closed loop’ social media simulator, allowing real-time exercises involving social media to be conducted in a controlled environment. SMEX simulates Twitter, Facebook, Youtube, and web based news outlets, and includes interaction directly from the ‘survivors’ in the impact area. All simulated social media exercise components are aggregated (if requested) using a Ushahidi deployment that is part of the platform, allowing participants to assess and triage information as it flows into the exercise and form a geographical understanding of exercise events.

To support the SMEX, a simulation cell consisting of one or two exercise controllers oversees the flow of information to the participants. From this web-based control panel, controllers deploy inject ‘packages’ on either a schedule or as needed. Typically, groups of Twitter injects are created in advance of the exercise, so that as packages of injects are placed into the exercise the system creates a semi-realistic operational tempo. This allows for controllers to adjust the pressure of the exercise, by adjusting the rate at which new injects are brought into play.

The first SMEX, a proof of concept, was conducted in our Disaster Systems course in April 2012. There were seventeen participants, and each had brought with them their own laptop or tablet computer. Since with was a university course, they were not pre-organized to work in a crisis situation, though they were all familiar with the Incident Command System. This was deliberate, since I wanted to see the student recognize the need for organization and adopt some of the techniques learned throughout the semester.

The exercise was based on a tornado outbreak in and around Tallahassee, where the students would have some familiarity with the geography. To support about 90 minutes of play time, approximately 500 tweets were created, as well as four online news stories at both the local and national level, and dozens of 911 reports that would be fed to the exercise system. In addition the the pre-planned inject packages, controllers were able to create injects on the fly, working off on information overheard in the room. This allowed us to create some ‘curve balls’ that were based on decisions the students were making. Injects were crafted to focus on building situational awareness in a dynamic and chaotic situation, composing outgoing messages to the public, and identifying rumors. The operational tempo for this exercise was considerably lower than what would be encountered in a real event, but it adequately illustrated the stressful environment that participants in a disaster would have to work in.

At the start of the exercise, we identified the group as an ad-hoc organization working in support of the Public Information Officer. I had them designate a Team Leader, gave them the background briefing, and turned them loose. Within the first five minutes, they had dozens of tweets and 911 reports to deal with, and they quickly broke up the group by functions to better address the issues. The functions they identified early were Twitter monitoring, Ushahidi report review, 911 reporting, and media monitoring. These teams then started filtering the information and trying to prioritize and identify trends.

As the exercise wore on, several things became clear to the controllers and participants:

1. One map isn’t really sufficient. You need a map (such as Ushahidi) for initial assessment of incoming info; a sandbox, and a ‘final’ map that contains only what has been assessed as valid. Two Ushahidi instances may be the way to go, we aren’t entirely certain yet.
2. Filtering capability of reports and tweets needs to include time range searches. For example, participants needed the ability to show all tweets received between 1800 and 1820, and that capability did not exist.
3. Simulating social media requires a lot of data to be created.
4. The simulation cell needs custom built tools to effectively manage the inject of information to the exercise.
5. While the type of information received never called for emergency managers to allocate resources, it was very helpful for gaining a complete understanding of the event. The students in the room had an excellent picture of the scenario, using only information gained through the exercise system.
6. News article comments are a valuable source of data, and key areas to monitor for rumor and incorrect information.

Overall, the proof of concept SMEX was a success. Participants enjoyed the process, and learned quickly that such a simple concept was actually very difficult in operational conditions. It illustrated to the students the fact that social media can be a valuable source of information, as well as a difficult data stream to understand and process.

We are currently designing the next generation of the SMEX platform, as well as several scenarios that can be deployed as needed. In future iterations, we plan to extend play time by adding inject packages, and create a more realistic Twitter simulator. In addition, we will provide additional Ushahidi instances to participants to utilize as they see fit. We are looking forward to gathering additional data as we conduct exercises in a variety of settings – all aimed at improving social media usage for situational awareness.

Fukushima Long Term Population Displacement

Imagine evacuating your home during an emergency, then not being able to return… for 20 years.  That’s pretty much was some Japanese citizens are facing after the Fukushima Daichi disaster.  It’s a huge social and economic issue, and something that is not easily solved.

CMAS is Going Live, and Testing Again

Reports are trickling through Twitter that at least Verizon is testing CMAS today, displaying blank messages. At least one twitter user found it “creepy as f&$%”.  I’m sure the latest carrier tests are linked to the impending rollout, which is scheduled for… now(ish).

As usual, AWARE Forum has a detailed post talking about the rollout and the work done so far.

Social Media and Post Incident Information Gathering

In my last Disaster Systems class we were discussion the usage of social media in emergency management. This is a standard topic in my syllabus, and probably the most dynamic of topics that we cover; I am constantly adding and editing information to keep current. This semester, as part of this lesson I wanted to do a hands-on activity utilizing social media and let the students play with some of the data validation and triangulation techniques we discuss in the lecture.

I had about ten students participate, a mix of graduates and undergraduates. They split into small teams and broke out laptops, tablets and iPhones (not an Android device to be seen). I gave them the guidelines for the drill, which included the fact that no major media outlets were to be utilized as sources. They were asked to limit their efforts to Twitter, Facebook, blogs, Google+, etc. – I wanted them playing in social media for the most part. We reviewed a few tools (Twitterfall, Hootsuite, TweetGrid) they might find useful in their monitoring and reminded them this was a passive exercise, there was no need to post information.

They were then told to find as much solid, verified, information as possible on the Ohio high school shooting, which had occurred about eleven hours before. I was looking for the basics – who, what, when, why and how – as well as samples of bad or bogus information and samples of information that was repeated endlessly. It was a simple topic, the SM chatter on the event was plentiful, but they only had about 20 minutes to work with.

What they came up with was an interesting mix of expected and unexpected. For the most part, given the timeframe, they had very few hard facts. They knew the shooting was in Chardon, Ohio. They knew the shooter’s name. Several of them found his Facebook page, but were unable to adequately verify it as authentic. Lots of rumor and soft info on the shooter’s habits, personality, and possible motives. All of that I expected. However, they were unable to find any hard info about the time of the incident, the current status of the shooter, or the exact casualty/fatality count (we had at least three conflicting “themes” on that one). It was an interesting observation.

There were several key points from an emergency or crisis management perspective.

1. There is more information out there than you can imagine, and sorting through and curating it all is going to take time. Time is a commodity that most activated EOC’s seldom have enough of.
2. Social media can provide a lot of ‘soft’ info, but may be lacking in the hard details. This is not a bad thing, as the hard details are typically available to an emergency manager from other sources. Social media can fill in what the community is saying, what the public is focused on, and enhance your situational awareness and crisis communication.
3. Social media monitoring is best as a collaborative effort. The groups used shared workloads and ad hoc collaboration to go out to a variety of different sites/sources hunting information.
4. A lot of information is stale and/or incorrect. Verification of information is important, particularly in dynamic events as information will change rapidly. Verification and authentication takes time.

All of these factors show the value of the VOST (Virtual Operations Support Team) concept as a tool to assist emergency managers and EOCs manage the social media environment. It was a great informal exercise, and I’m looking forward to doing it again and collecting more information.

CMAS Test Confusion. Again.

This morning on Twitter and other social media channels I started seeing references to a CMAS test conducted yesterday, apparently by Verizon Wireless.  What caught my eye was the fact that the alert messages that ended up on some people’s phones were not clearly ‘only a test’.  I pinged the #SMEM group on Twitter about it, and quickly got a response from @AWAREforum directing me to their post on the subject:  Large-scale CMAS Testing Yesterday Causing Confusion.

Many reports indicated it was a nationwide Verizon test, but I am a Verizon subscriber and did not receive the alerts – and neither did anyone else I know.  While many people complained that the message was confusing, all of the screencaps in AWARE’s post seem pretty clear that it’s a test message.

I was also surprised by the repeated sentiment that CMAS was a tool for the government to ‘bug’ or ‘track’ the population.  I shouldn’t be surprised, I guess; there are people who will believe anything.

One final point… this is a great example of Twitter serving as a great tool for emergency managers.  I needed some info, I posted it to the #SMEM hashtag community and had an answer in five minutes.  If you are on Twitter, be sure to check out the discussions on #SMEM and the weekly live chat conducted under the hashtag #SMEMchat – Fridays at 1230pm EST.

Report Raises Questions About Threats to Great Britain

This BBC article points out that Britain may be facing an increase in ‘lone wolf’ and other self-radicalized terrorist attacks in the coming months and years.

“The Royal United Services Institute estimates about 50 Britons are fighting with Somali extremists Al Shabaab.  They and others returning from wars in Yemen and Nigeria could use their experience on UK streets, RUSI said.”

That is a very specific estimate, and I would like to see how they arrived that that figure. Surely it is not based on specific tracking of people or targets; if specific identities were known, I doubt they would remain a threat at large upon return to the UK. Whatever the method, it is true that this type of overseas on-the-job training is a serious threat to the security of most nations. While the article title focuses on the ‘lone wolf’ scenario, these experienced terrorists and fighters could easily coalesce into home grown terror groups, as well as serve as a nucleus for future terrorist recruitment.

Additionally, Britain is going to be facing some serious restructuring and austerity in counter-terrorism after the 2012 Olympics. While the United States isn’t facing an immediate crisis in that regard, it is only a matter of time before our funding begins to wane. In the U.S., disaster response and preparedness (at the Federal level) will go first, which will place a lot of communities at risk from a variety of both natural and technological hazards.

Etymology-Man [from XKCD.com]

xkcd.com | “Etymology-Man“

Surprising Lesson from Joplin

I’ve always been told an interior hallway will work as a tornado shelter (if a basement isn’t available). This article, written with information gathered after the Joplin tornado, proves that assumption false.

Also of interest is the fact that SMS was working, while cell service was not. This means Twitter would be a functional reporting tool post impact.

The Decline of Public Health Preparedness?

In the years since 9/11, we have seen great progress in the fields of public health preparedness. We have better systems to detect biological attacks, better labs to isolate these agents, and trained personnel who understand the threat and how to respond. Additionally, many of our largest cities received funding to increase readiness, conduct public outreach and responder training, and provide additional planning resources.

This is a great piece by Rick Russotti that all EM practitioners and educators need to read. It lays out his observations that all our progress is in danger of disappearing.

Why? Because we have prepared, prepared, prepared…. And nothing has happened. Not since 2001 (Both 9/11 and Amerithrax) have we seen a major public health disaster event, and that hurts the field. This is a simple governmental truth… Money is tight, and needs to be spent where it is “needed”. Since the apparent need for disaster public health preparedness is low, those programs are in danger of getting cut or eliminated.

Avian Flu and H1N1 did nothing to help the case. We spent a lot of time and money preparing for these pandemics, and they had very minor real world impacts. This trickles down into public perception, and drives the feeling that maybe these funds could be better spent elsewhere. This type of rationalization is common in most aspects of emergency management, and will remain a real risk for any response or preparedness assets that go ‘unused’ for too long.

The problem here, or course, is that while Swine Flu was a dud, the next disease may not be. The next bioterrorism attack may be even more effective that Amerithrax. The next hurricane may create as large a public health crisis as Katrina did… The list drags on, and if we cripple our public health preparedness and response programs, we run the risk of encountering unpleasant outcomes.

Emergency management is all about changing the outcomes of events we can’t prevent in the first place. Sitting idly by and hoping and praying for a better result is seldom an effective way to do that. We need to stay proactive, and we need to stay ahead of the threats, and we need to spend the money needed to maintain our preparedness.

Google Integrates Public Warnings into Google Maps

Wish you had a graphical display off all current public alerts and warnings?  Head over to http://www.google.org/publicalerts and browse around.

Google just launched a maps page that places current alerts, watches and warnings from the National Weather Service, NOAA, and the USGS on a single interactive map.  While aggregation and display is nifty, where Google really shines is in the fact that they are integrating alerts data with search results on Google Maps.  If you go to Google Maps and search for a term that resembles an existing watch or warning, that data will be displayed with your search results.  No word on the Google Blog whether there are plans to integrate warning data with typical web search results – but that would be really cool, too.

For the complete word, here is the official Google Blog post.

http://blog.google.org/2012/01/public-alerts-now-on-google-maps.html

Interview with Laurie Garrett on Bioterrorism

This interview is a fascinating.  I’ve heard theories that Bin Laden’s Al Qaeda was behind the 2001 Anthrax attacks, and Laurie Garrett lays out some logical reasons why this is possible.  Additionally, there is some good commentary in here about how the response to 9/11 affected the response to Amerithrax – a lesson we cannot afford to forget.

From the abstract:

Award-winning radio and newspaper reporter Laurie Garrett, now a senior fellow for global health at the Council on Foreign Relations, describes the mistakes and misjudgments made by government officials in response to the anthrax attacks of 2001 and provides recommendations for what should be done now. Garrett says it is important to view 9/11 and the anthrax mailings as connected events in any evaluation of the government response.

Laurie Garrett – Reporting on biosecurity from America to Zaire.

Extremist Bomb Plot Disrupted in Tampa

This one looks and feels like the real deal.  The details provided make it appear as if the suspect had a plan, was working to acquire the required weapons and materials, and was willing to carry out the attack.

Suspected Islamic Extremist Arrested In Alleged Florida Bomb Plot.

Man charged with Tampa car bomb plot

Man Arrested in Tampa-Area Bomb Plot

When we discuss terrorism and homeland security in the classroom, I always emphasize the fact that intelligence operations are the most effective way to interdict attacks.  This case is an example of that.  The initial indication of the threat was an informant’s tip to the FBI, which started an investigation.

At the same time, this case illustrates the threat of a lone terrorist scenario.  If the suspect had approached a different person about finding al Qaeda flags, the attack could have been carried out without detection.

Last, don’t get hung up on the ‘Islamic’ angle of this story.  This type of attack can be perpetrated by individuals of any religion or creed.

Japan’s Nuclear Exclusion Zone

Excellent series of photos depicting the exclusion zone around the damaged Fukushima Daiichi nuclear power plant in Japan.  The exclusion zone is still evacuated, and most things inside the zone are exactly as they were when abandoned following the March 2011 earthquake and tsunami.

Japan’s nuclear exclusion zone from The Big Picture.

The Big Picture is typically one of the best examples of photojournalism on the net.

Added an update to my post on the NYC CMAS test.

CMAS Test Worked. Mostly. [UPDATED]

The planned test of the CMAS system yesterday in and around NYC seems to have worked.  At least, there are reports that people received the messages on their wireless phone.  One tiny problem.  Some of them, at least, didn’t know it was a test.

Insert snarky comment here.

I have to wonder – who crafted the test messages?  Since this was a test of the IPAWS/CMAS message aggregation capability, I have to think the messages originated with EM personnel somewhere.   If that is the case… shame on you.  If the message isn’t real, either because it’s an exercise, system test, or whatever, the first part and the last part of the message should make that clear.   For example, “Exercise exercise exercise.  There is a civil emergency in your area….  This is an exercise.”

It seems that while the technology worked (people got the messages), the system failed.  There is more to warnings and alerts than simply getting the message to the population, they need to know what to do next.  Comments on the Gawker article (linked) show confusion on the term ‘shelter in place’ as well.  Sounds to me like the risk communication teams have some work cut out for them in the near future.

Update (21 DEC 11)

As clarified in the comments section of this post, the issues here are spread over two separate system tests.  The CMAS system test in NYC seems to have been mostly successful – at least, there was almost zero chatter about it afterward.  Good.

However, a carrier system test (conducted the day before the NYC test) was carried out by Verizon in New Jersey.  This is the test that startled many residents, as the message did not include any indication that it was only a test.  While CMAS doesn’t allow for custom formatting, etc. (and I agree with the commenter that this may cause issues), the alert body still failed to indicate it was a test.

CMAS is going to be a valuable tool in the EM toolbox, and despite some early issues, I’m looking forward to full implementation.