Talk:Mosaic effect

Dissimilar/uniquely different from or to:

• https://en.wikipedia.org/wiki/Mosaic_theory_of_the_Fourth_Amendment
• https://en.wikipedia.org/w/index.php?title=Mosaic_theory_of_intelligence_gathering&oldid=1013033152

This is to see if there's a viable article around the more esoteric legal/security concept of combining enough / sufficient declassified or public-knowledge, or public-domain data, that the new aggregate whole of the collection of that data can instead elevant the concept to the point of being classified, simply on the basis of it's unification.

Although -- this may not be JUST a national security thing; this is a consideration in general intel/counter-intel, as well as in concepts like information technology, network security, likely corporate "security" and more.

May be in some ways similar to or related to the idea of an Information hazard, but in a legal sense.

Data points by themselves are safe to consider in isolation, and were likely released properly per all relevant legal and organizational requirements. However, if you combine and look at those data points just right, you've now breached security--even up to the level of national security stuff.

Imagine if you could combine ALL the text from ALL the sources on a given 100 Wikipedia articles about government-related stuff. All that stuff, by itself, in isolation, is safe. Combine it all and maybe that aggregate data would be considered sensitive compartmented information requiring a sensitive compartmented information facility to even review it.

By arranging the mosaic of information just so, you've revealed secrets.

Timeline...

1. 1967 - (maybe) https://supreme.justia.com/cases/federal/us/390/39/
2. 1981 - https://www.ojp.gov/pdffiles1/Digitization/92732NCJRS.pdf
3. 1993 - https://www.tbs-sct.canada.ca/pol/doc-eng.aspx?id=25502&section=html
4. 1999 — https://www.federalregister.gov/documents/2000/12/21/00-32565/public-information-and-confidentiality-advance-notice-of-proposed-rulemaking-withdrawal-of-1994
5. 2002 — https://www.energy.gov/data/procedures-public-release-data
6. 2002 — https://www.justice.gov/information-quality
7. 2004 — https://aspe.hhs.gov/sites/default/files/private/pdf/77196/rpt_Disclosure.pdf
8. 2010 - https://richmurnane.blogspot.com/2011/01/mosaic-effect.html
9. 2013 — https://obamawhitehouse.archives.gov/sites/default/files/omb/memoranda/2013/m-13-13.pdf
10. 2014 — https://www.route-fifty.com/cybersecurity/2014/05/worried-about-security-beware-the-mosaic-effect/297335
11. 2014 — https://www.nextgov.com/digital-government/2014/05/the-mosaic-effect-and-big-data/254461/
12. 2014 — https://www.brookings.edu/wp-content/uploads/2014/11/20141201_health_data_transcript.pdf
13. 2014 — https://aspe.hhs.gov/sites/default/files/private/pdf/77196/rpt_Disclosure.pdf
14. 2017 — https://dtm.iom.int/sites/g/files/tmzbdl1461/files/07-11-2017%20Humanitarian%20Data%20Protection%20Draft%205.pdf
15. 2019 — https://resources.data.gov/assets/documents/fds-data-ethics-framework.pdf
16. 2019 - https://www2.census.gov/library/publications/decennial/2020/2020-census-disclosure-avoidance-handbook.pdf
17. 2021 — https://www.washingtonpost.com/politics/2021/08/17/cybersecurity-202-sensitive-government-data-could-be-another-casualty-afghan-pullout/
18. 2021 — https://blogs.icrc.org/law-and-policy/2021/02/09/mosaic-effect-revelation-risks/
19. 2023 — https://www3.weforum.org/docs/WEF_Global_Risks_Report_2023.pdf

To review:

1. https://ft.com/content/84621418-34a4-11e0-9ebc-00144feabdc0
2. https://mitsloan.mit.edu/ideas-made-to-matter/supply-chain-transparency-explained
3. https://online.wsj.com/article/SB10001424052748703864204576321013619678894.html
4. https://online.wsj.com/articles/BL-DLB-33263
5. https://online.wsj.com/articles/BL-DLB-33491
6. https://rsaconference.com/library/blog/your-guide-to-osint-in-corporate-security
7. https://sans.org/blog/what-is-open-source-intelligence/
8. Need to find archive or alternative URL, found this mentioned in another piece: https://scholarship.wustl.edu/cgi/viewcontent.cgi?article=1850&context=law_journal_law_policy
9. https://thetradinganalyst.com/mosaic-theory/
10. https://tuckerellis.com/lingua-negoti-blog/is-the-mosaic-theory-as-a-defense-to-insider-trading-dead/
11. https://www.proskauer.com/pub/proskauer-hedge-fund-trading-guide-2024-chapter-2-insider-trading-focus-on-subtle-and-complex-issues
12. https://www.wired.com/2007/12/why-anonymous-data-sometimes-isnt

1. https://www3.weforum.org/docs/WEF_Global_Risks_Report_2023.pdf
2. https://www.stanfordlawreview.org/wp-content/uploads/sites/3/2015/03/67_Stan_L_Rev_677_Schlabach.pdf
3. https://digitalcommons.wcl.american.edu/cgi/viewcontent.cgi?article=1549&context=jgspl
4. https://www.capitallawreview.org/api/v1/articles/89888-the-mosaic-theory-how-the-intersection-of-mass-surveillance-and-facial-recognition-is-provoking-an-orwellian-future.pdf

1. https://www.theguardian.com/uk-news/2023/nov/09/royal-security-cost-guardian-freedom-of-information-tribunal
2. https://www.washingtonpost.com/politics/2021/08/17/cybersecurity-202-sensitive-government-data-could-be-another-casualty-afghan-pullout/
3. https://iapp.org/news/a/beyond-gdpr-unauthorized-reidentification-and-the-mosaic-effect-in-the-eu-ai-act
4. https://rkroundtable.org/2011/12/20/mosaic-theory-universal-surveillance-and-unlimited-recordkeeping/

Tranche 1 taken from Mosaic theory (investments)

1. https://openscholarship.wustl.edu/cgi/viewcontent.cgi?article=1850&context=law_journal_law_policy
2. https://scholarship.law.upenn.edu/faculty_scholarship/407/
3. https://sites.law.berkeley.edu/thenetwork/2011/10/18/the-galleon-insider-trading-case-how-to-sentence-a-seemingly-victimless-crime/
4. https://www.sec.gov/news/speech/spch444.htm
5. https://www.sec.gov/Archives/edgar/data/1532747/000153274713000195/exp56_ubsinsidertrad061912.htm
6. {{Cite journal|title=Regulation FD: An Alternative Approach to Addressing Information Asymmetry.|last=Fisch, Jill|journal=Faculty Scholarship at Penn Law|date=2013}}
7. {{Cite web|title=UBS Global Asset Management Insider Trading Policies and Procedures|date=2012|website=SEC}}
8. {{Cite web|title=The Galleon Insider Trading Case: How To Sentence a Seemingly Victimless Crime?|last=Hautekiet J.|date=2011|website=Berkeley University of California}}
9. {{Cite web|title=Speech by SEC Staff: New Rules, Old Principles|last=Becker, D. M.|date=2000|website=SEC}}
10. {{Cite web|title=Abandoning the 'Mosaic Theory' of Securities Analysis Constitutes Illegal insider Trading and What to do about it.|last=Davidowitz, A. S.|date=2019|website=6 Wash. U. J. L. & Pol’y281}}
11. https://openscholarship.wustl.edu/cgi/viewcontent.cgi?article=1850&context=law_journal_law_policy

Tranche 2?

• Raj Rajaratnam > SEC v. Rajaratnam

• https://www.economist.com/finance-and-economics/2011/04/14/the-mosaic-defence
• https://sevenpillarsinstitute.org/case-studies/raj-rajaratnam-and-insider-trading-2/
• https://www.hflawreport.com/2541831/implications-of-the-rajaratnam-verdict-for-the-mosaic-theory--the-knowing-possession-standard-of-insider-trading-and-criminal-wire-fraud-liability-in-the-absence-of-a-trade.thtml
• https://www.courthousenews.com/mosaic-defense-raj-is-not-the-first-to-use-it/
• https://archive.nytimes.com/dealbook.nytimes.com/2010/11/29/just-tidbits-or-material-facts-for-insider-trading/
• https://archive.nytimes.com/dealbook.nytimes.com/2011/04/11/why-is-insider-trading-wrong/
• https://www.researchgate.net/publication/332855906_Public_Disclosures_and_Information_Asymmetry_A_Theory_of_the_Mosaic

"Classification by compilation" is an older precursor term?

• Example: https://web.archive.org/web/20221006204246/https://www.secretsdeclassified.af.mil/Questions/Laws-and-Executive-Orders-Governing-Declassification/

• Classification by compilation (EO 13526, DOJ FOIA Guide)

• Aggregation risk, inference attacks, re-identification, open-source fusion

• Early case law (Halkin v. Helms, CIA v. Sims)

• FOIA Exemption 1 jurisprudence
• David Pozen’s Yale Law Journal analysis

• FOIA exemptions, Glomar responses
• Executive training (DoD, ISOO, DOJ)
• Compilation doctrine under classification law

• Latanya Sweeney’s k-anonymity research
• Netflix deanonymization case
• Wired and mainstream coverage
• Privacy law responses

• Strava heatmap incident
• OMB M-13-13 and the “mosaic effect” test
• Satellite imagery + public geodata risks

• Analyst mosaic theory (Reg FD guidance)
• Insider trading enforcement cases (e.g., Galleon)
• Hedge fund legal guidance and critiques

• Open utility shapefiles + imagery
• RSA and SANS OSINT examples
• CISA/HIFLD data disclaimers

• Over-classification
• Unfalsifiability concerns
• Transparency vs. security tensions

• Open-data withdrawal cases (Data.gov, Afghan data)
• HHS and DoD data-minimization protocols
• Differential privacy, redaction frameworks

High level read from article draft, to see from other searching what is being overlooked as possible angles to cover.

1. Advertising & behavioral targeting
2. Artificial intelligence & machine learning
3. Biometric identification systems
4. Corporate competitive intelligence & analysis
5. Criminal investigations & law enforcement
6. Data privacy & anonymization law
7. Finance & securities investment analysis
8. Fraud detection & identity theft
9. Government open-data initiatives
10. Humanitarian aid & social-protection programs
11. Intelligence & national-security operations
12. Legal transparency (FOIA) & classification
13. Medical & public-health analytics
14. Oil & gas infrastructure monitoring
15. Reproductive-health data investigations
16. Sensor-based environmental data (e.g., NOAA)

July 23: http://archive.today/2025.07.23-173316/https://en.wikipedia.org/wiki/User:Very_Polite_Person/draft/Mosaic_effect

Just to have a clear marker of unused as of today URLs; that may spillover to other related articles as useful sources. There may be more culling of URLs at this point than additions going in. TBD. -- Very Polite Person (talk) 17:36, 23 July 2025 (UTC)[reply]

The following is an archived discussion of the DYK nomination of the article below. Please do not modify this page. Subsequent comments should be made on the appropriate discussion page (such as this nomination's talk page, the article's talk page or Wikipedia talk:Did you know), unless there is consensus to re-open the discussion at this page. No further edits should be made to this page.

The result was: promoted by Darth Stabro talk 17:28, 1 August 2025 (UTC)[reply]

(

• Comment or view
• Article history

)

An example of DNA, depicted in a mosaic style of art from unique pieces of maize. The mosaic data concept is named for the art style.

• ... that the mosaic effect is the act of combining seemingly unrelated data to reveal sensitive or classified information that individual pieces of data would not disclose?

• Source: https://en.wikipedia.org/wiki/Mosaic_effect#cite_note-Rosenzweig_Mosaic_Lawfare_2017-3

• Reviewed:

Created by Very Polite Person (talk). Number of QPQs required: 0. Nominator has fewer than 5 past nominations.

-- Very Polite Person (talk) 22:28, 28 July 2025 (UTC).[reply]

General: Article is new enough and long enough
New enough: Long enough:

Policy: Article is sourced, neutral, and free of copyright problems
Adequate sourcing: Neutral: Free of copyright violations, plagiarism, and close paraphrasing:

Hook: Hook has been verified by provided inline citation
Cited: Interesting:

Image: Image is freely licensed, used in the article, and clear at 100px.
Freely licensed: Used in article: Clear at 100px:

QPQ: Done.

Overall: A truly fascinating and vital article. Great writing and mosaic-ing of disparate sources. No Swan So Fine (talk) 13:35, 1 August 2025 (UTC) No Swan So Fine (talk) 13:35, 1 August 2025 (UTC)[reply]