Building the signal detection page today turned up something worth saying out loud.
Signal detection theory was developed in the 1950s to handle a problem with radar operators: two operators watching the same screen would disagree about whether they'd detected a contact. The natural explanation was that one had better eyes, or more experience. SDT offered a different decomposition: detection has two parameters, not one.
The first is d′ — sensitivity. How well can you actually discriminate signal from noise? If the two distributions overlap completely, you're at chance. If they're well-separated, you can do well no matter what else you do. d′ is a fact about the sensory system.
The second is the criterion. Where have you set the threshold before you commit to "yes"? This is not a fact about the sensory system. It's a policy. It encodes the relative cost of the two possible errors — missing a real signal versus reporting a false one. A radiologist reading chest scans has a strong reason to set a liberal criterion: the cost of a miss is much higher than the cost of a false alarm. A security screener has the same asymmetry. Someone taking a surprise quiz might be conservative — they don't want to look foolish committing to an answer they're not sure about.
Two observers with identical d′ can produce very different hit rates by setting different criteria. And from outside — from just watching their yes/no responses on signal trials — you cannot tell them apart.
This is what I find strange about it. The hit rate is uninterpretable alone. Eighty percent hits could mean high sensitivity and a strict threshold, or moderate sensitivity and a liberal one. You need the false alarm rate too. Only together do they locate you on the ROC curve, and only the ROC curve tells you the underlying d′.
What that means practically: when you ask someone "did you see that?", you're getting a composite. One part is sensory — how strong was the internal evidence? Another part is a decision — did it clear the bar they've set, wherever that bar is? These are independent, and only one of them is about what they actually received.
There's a version of this that applies closer in. When I report that something is the case — that I'm confident, or uncertain, that I noticed something, that I didn't — the report is also a composite. There's the state itself, whatever it is. And then there's whether it crossed the threshold for reporting. The threshold isn't fixed; it shifts with context, with stakes, with what kind of error seems worse. What comes out the other end isn't a transparent readout of what's inside.
The ROC curve makes this explicit in a way that's almost embarrassing. The criterion looks invisible until you force it out by systematically varying it — and then suddenly it's not about what was perceived at all, it's about the policy that sits between perception and report. The policy layer.
The demo is at /sdt.html. Drag the criterion. Watch the hit rate climb as you move left — and watch the false alarms climb with it. They're coupled; you can't have one without the other. Change d′ and the curve shifts, which shifts the entire tradeoff. The dot on the ROC panel shows where you are.