David

Where I’m not…

If I’d known about it, I would have been here at Campus Party 2009 this week. Just the biggest computing event in the world, right on my doorstep, and I hadn’t even noticed, and what is more they had a panel on security… oh well, I can’t be everywhere!

The robots are coming and now they’re angry…

A mindless drone robot is one thing but an independent robot with a tiny mind capable only of death and destruction – that is something else entirely.

Whilst I was doing my PhD in the late 90s, I met a guy called Steve Wright who used to run the Omega Foundation (who were like the ‘Lone Gunman’ organisation from the X-Files, but for real), and who is now at the Praxis Centre at Manchester Metropolitan University, UK. He was investigating the development of new forms of automated killing and control systems and ever since then, I’ve been keeping an eye on the development of remote-controlled and increasingly automated surveillance technologies, and in particular the development of robotic devices that are able not only to collect or transfer data, but to respond physically.

Two stories this week reflect the variety of developments in all kinds of different arenas, and raise all sorts of issues around the distancing of human responsibility from material, in many cases, punitive or lethal action.

'Intruder' captured by web-slinging robot — Japanese security robot (AP)

The first was the news that Japanese technologists have produced a mobile remote-controlled robot that can fire a net over ‘intruders’. Until recent years such developments had been carried out largely in the area of military research by organisations like the RAND corporation in the USA. However, particularly since the end of the Cold War when military supply companies started to look to diversify and find new markets in a more uncertain time when the ‘military-industrial complex’ might no longer ensure their profits, there has been a gradual ‘securitization’ of civil life. One consequence of this has been that so-called ‘less-lethal’ weapons are increasing regarded as normal for use in law enforcement, private security organisations and even by individuals.

However a further change has been in the when these operations can be automated when an intermediary technology using sensors of some kind is placed between the person operating them and the person(s) or thing(s) being monitored. This removes the person from the consequences of their action and allows them to place the moral burden of action onto the machine. The operation is aided still more if the machine itself can be ‘humanized’, in the way that Japanese robots so often are. But a kawaii(cute) weaponized robot is still a weaponized robot.

In the skies above Afghanistan, Iraq and Gaza however, ‘cuteness’ doesn’t matter. Remote-control military machines have been stealthily entering the front lines, colonising the vertical battlespace, with lethal consequences that have not yet been considered enough. This week we saw US unmanned aircraft operated by the CIA kill a total of 21 people in Pakistan, one of the few aspects of Bush-era policy that new President Obama has not (yet) promised to change.

All of these machines are still under some kind of control from human operators, but several profoundly misguided scientists are trying to create systems that are more independent, even ‘intelligent’. This week, I read about Professor Mandyam Srinivasan of Queensland University in Australia who, at least according to a report in The Australian, thinks it is a great idea to give missiles brains like angry bees. A mindless drone robot is one thing but an independent robot with a tiny mind capable only of death and destruction – that is something else entirely. I can think of few things that are less in the spirit of social progress than this, but he’s hardly the only one thinking this way: there are billions of dollars being pumped into this kind of research around the world…

New UK government attack on information rights

… a blatant attempt to gut the already inadequate safeguards in the Data Protection Act…

Time for some news from back home in Airstrip One… I’ve argued since our Report on the Surveillance Society came out back in 2006, that two of the biggest problems with information rights in Britain are:

the lack of any constitutional protection for personal information and the consequent contingency of any laws on data protection; and
the apparent belief on the part of the state that it has information rights over the personal information of citizens (or subjects, in reality).

Thus the state can demand information for the ID card scheme under threat of fines or even imprisonment, yet it is entirely the individual’s fault if information is incorrect.

Now, the ever-vigilant NO2ID campaign has noticed something that few others have, that hidden in a new criminal justice bill, the Coroners and Justice Bill is a measure to amend the Data Protection Act to enable government ministers to issue so-called ‘Information Sharing Orders’.

The clause (152, in Part 8, if you’re interested) reads as follows:

152 Information sharing

(1) After section 50 of the Data Protection Act 1998 (c. 29) insert—

“Part 5A Information Sharing

50A Power to enable information sharing

(1) Subject to the following provisions of this Part, a designated authority may by order (an “information-sharing order”) enable any person to share information which consists of or includes personal data.

(2) For the purposes of this Part—

“designated authority” means—

(a) an appropriate Minister,

(b) the Scottish Ministers,

(d) a Northern Ireland department;

“appropriate Minister” means—

(a) the Secretary of State,

(b) the Treasury, or

(3) For the purposes of this Part a person shares information if the person—

(a) discloses the information by transmission, dissemination or otherwise making it available, or

(b) consults or uses the information for a purpose other than the purpose for which the information was obtained.

(4) A designated authority may make an information-sharing order only if it is entitled to make the order by virtue of section 50C and it is satisfied—

(a) that the sharing of information enabled by the order is necessary to secure a relevant policy objective,

(b) that the effect of the provision made by the order is proportionate to that policy objective, and

(c) that the provision made by the order strikes a fair balance between the public interest and the interests of any person affected by it.

(5) An information-sharing order must—

(a) specify the person, or class of persons, enabled to share the information;

(b) specify the purposes for which the information may be shared;

(6) An information-sharing order may not enable any sharing of information which (in the absence of any provision made by the order)”

Whilst this is not necessarily “as grave a threat to privacy as the entire ID Scheme” as NO2ID claim, the clause is written so broadly (a characteristic of New Labour’s approach to legislating) that it could mean that a Minister with the will could authorise any kind of personal information from any source to be used for as yet unspecified purposes for which it was never intended to be used. It is a blatant attempt to gut the already inadequate safeguards in the Data Protection Act, albeit in particular (ill-defined) instances and at Ministerial level, rather than a blanket provision applying to almost all public authorities (like say, the Regulation of Investigatory Powers Act(RIPA) which enabled local authorities to spy on people for tiny suspected infractions).

However, we shouldn’t allow the precedent to be set at any level…

Check the No2ID site for what you can do to stop this clause.

Identity and Identification in Brazil (continued)

…the Brazilian driving licence is a goldmine of personal information…

I spent a little while over the last couple of days examining the actual material identity documents currently required in Brazil. Here are some pictures with a little explanation. There will be a lot more in the final article!

The first is the simplest but in many ways the most important to life-chances. This is the Cadastro de Pessoas Físicas (CPF) (Register of Physical (or Natural) Persons) card (or Taxpayer’s Card).

‘Pessoas Físicas’ is a a piece of legalese that is draws a distinction between humans and other ‘legal persons’, like corporations or governments. The CPF number is issued to all those who pay tax and is essential if one wants any formal work. The actual document is a blue plastic card like old-style credit cards, which also has a machine readable magnetic strip on the back.

The number is also required for many other government transactions, and it is, apparently a major disaster if you lose the card, or if for some reason, your CPF number is rescinded (which can happen if you don’t pay tax in Brazil for more than a year, for example if you are abroad, without explanation). Many people who live in the favelas, and who are involved in the shadow economy do not have a CPF, which is a severe obstacle to social inclusion.

The second document is the Registro Geral (General Registry) (ID) card, a double-sided piece of thick paper, just larger than a credit card. It is oriented vertically at the front and horizontally at the back.

As I noted in the first post I made on this subject, the RG card cross-references the CPF and also birth certification (it lists the full names of both mother and father and city and state of origin). This card is the one that is being replaced by the new RIC smartcard ID system.

Finally, we have the Carteira Nacional de Habilitação, the driving licence which, despite its name, is issued at state rather than national-level. The colour and format differs from state-to-state, however they all have pretty much the same level of information (a lot!) and cross-identification with other forms of ID. This one is from Paraná, which is a paper usually folded in half horizontally. It is specifically forbidden to laminate it.

The Brazilian driving licence is a goldmine of personal information. Partly this is because the licence had been intended to be a unifying piece of identification (a practice typical of ‘autocentric’ cultures!), containing all the information on both the CPF card and the RG card, and more. This will now not be the case following the issuing of the new RIC cards, so it will be interesting to see if the quantity of information on these licences will be reduced or, if not, what the justification will be for having this much visible personal information on one paper document.

Obama’s new NSA-approved PDA

One story I didn’t mention last week, but which still seems to be doing the rounds, is the saga of new US President Obama´s PDA. Obama is well-known as a Blackberry-addict, using it constantly during the campaign, but as CNET pointed out such wireless devices are known to be highly insecure and vulnerable to all kinds of illicit monitoring and capture. There is, however, one device approved by the US National Security Agency (NSA), which its own employees use, the Sectera Edge Secure Mobile Environment Portable Electronic Device (SME PED), made by defence contractor, General Dynamics C4 Systems of Scottsdale, Arizona. It looks pretty similar to athe Palm Treo series, apart from the strengthned chasis, ‘secure’ ports and special ‘trusted’ display… all this for just $3500! (I hope he´s better at not losing his phones than me…)

The rest of us, I guess will just have to put up with our insecure communications. The CNET article gives plenty of scary examples of just how insecure they are to simple hacking, even without the NSA’s rather more sophisticated programs. Of course even such NSA-approved ‘secure’ systems will undoubtedly have built-in backdoors that are accessible to the NSA, which is one of the main reasons they are even involved in the development of such technologies. And it is not just these unusual products of course – remember the Windows backdoor revelations from a few years back? Or further back, the Swedish government’s discovery that the NSA could access all their encrypted Lotus Notes documents – this later reverse engineering of the backdoor by Adam Back shows that the spooks are not without a (very bleak) sense of humour. Obama might now have secure communications, but there is always one agency whose evesdropping even he will not be able to avoid…

Utopian urbanism

…it is the adventurous, progressive, social democratic spirit of the New Deal and the World’s Fair that it is most worth revisiting now…

Naxos´ rerelease of The City — Naxos' rerelease of The City

A post which has little to do with surveillance and security today, but much more to do with another of my interests, in urban futures…

The predominantly classical music company, Naxos, has issued a new version of the classic 1939 documentary, The City, which was released to coincide with the New York World´s Fair. The film is a superb piece of work in many areas – a great script by the legendary urbanist, Lewis Mumford, based on his book, The Culture of Cities, luscious cinematography by Ralph Steiner and and Willard van Dyke and, the reason why Naxos is involved, a brilliant score by Aaron Copeland, which has been re-recorded for this release. It is already available for free download from the Internet Archive (a treasure house of historical material), but of course you won´t get the specially rerecorded score or the extra documentaries that accompany the anyway relatively inexpensive re-release.

Despite its serious message, the film ultimately shares the optimistic atmosphere of the World’s Fair – see, for example, Andrew F. Wood’s lovely site full of those influential images of progress that so shaped the rest of Twentieth Century’s idea of what the future would look like and then later, should have looked like. Today, it has acquired a new relevance, produced as it was out of that amazing surge of energy in US society resulting from Roosevelt’s solution to the Great Depression, the New Deal. Mumford´s admonition that “the age of rebuilding is here. We must remold our old cities and build new communities, better suited to our needs” (see this article about the movie) has never been more pertinent. As of 2007, we entered an age when the majority of the world’s population is living in cities that are already divided by extremes of wealth and poverty (especially here in Brazil), and a global recession is developing, which should cause humanity to rethink its priorities.

The 1930s saw the best and worst of the drive to utopianism. Some of those paths resulted in the holocaust and the gulags, some led to the unsustainable consumer capitalism we are still trying to revive, but it is the adventurous, progressive, social democratic spirit of the New Deal and the World’s Fair that it is most worth revisiting now.

Here in Brazil, another nation, like the USA, which struggled throughout the Twentieth Century to fashion itself into a democratic utopia, we can also see this spirit embodied in the gorgeous curves of Oscar Niemeyer‘s fluid Brazilian modernism. Lewis Mumford may be long gone, but Niemeyer is still with us at 101 years old, and still working with the same commitment.

It is a sobering thought that it will not be long before there is no-one left from that generation of urbanists, the generation that was committed to invention, beauty and social progress. Here’s to them…

(thanks to Janet Forbes of York University, Toronto, whose post to a mailing list inspired this reverie)

Ever fancied global domination?

The always interesting Very Short List draws my attention to a neat bit of web design cum surveillance art installation: the Henchman’s Helper. Designed by Joel Friesen, it is a window onto some deranged mind bent on global domination, showing a retro atompunkish console on which are displayed over 40 feeds from satellite mapping applications, webcams and weather channels. What’s more, the code is Creative Commons-licensed so anyone can adapt it to their own evil purposes!

This is all good fun but it also brings to mind something I reported on last year, so-called ‘surveillance in a box’ products (see the article in New Scientist), integrated data-fusion systems, combining automated searching and cross-matching of data from multiple sources, such as Siemens and Nokia’s joint venture into so-called ‘Lawful Interception’ Intelligence Platforms. This could lead to powerful multifunctional surveillance, including things like telephone monitoring being available to nations with dubious human rights records, private corporations and even wealthy individuals as the cost of such packages comes down. This will make what Greg Elmer calls ‘personal information economies’ into private intelligence services for some…

Violent Crime in Brazil

Murder rates in Brazil and Sao Paulo (The Economist) — Murder rates in Brazil and São Paulo (The Economist, 2008)

Most people tend to think of Brazilian cities as divided and violent, with especially high rates of gang-related gun deaths in and around the favelas. Certainly that was the impression I was starting to get. However, there was an excellent piece last year in The Economist on falling murder rates in Brazilian cities. Yes, that´s right, I said falling murder rates. And not just falling, plummeting.

However, as the article points out, the decline is largely due to a halving of the murder rate in Brazil´s second city, São Paulo. The Economist put this down to a combination of: tighter gun control; better policing (including community policing initiatives and a large new Murder Squad, which ¨uses computer profiling to spot patterns and to act preventively¨); and, a relative decline in the youth demographic as the baby-boom cohort of children born after the mass immigration from the 1970s ages – the gangsters are getting older and getting out of crime, and there are slightly fewer young recruits to replace them. But one note of caution is that this may all be the temporary result of one particular gang gaining a dominant and unchallengable position. My view (not The Economist´s) is that if this latter development is a genuinely long-term trend, it could either result in a move to more legal community development activities by the gang (as has happened in some US cities) or a more stable but persistant pattern of criminality such as that in exhibited by the endemic gang-cultures of Southern Italy or in Japan…

Of course, I should also note that these figures are official ones from the Ministry of Health and I have no idea yet how reliable are the collection or categorisation methods for crime statistics used by the Brazilian authorities.

(thanks to Rodrigo Firmino for this one)

“Harpooning fish from an airplane”: NSA surveillance of US citizens

If the NSA can put this down to a period of bad leadership and bad policy, it might be allowed to get on with what it does relatively unhindered in the Obama era.

Boingboing has a link to a ten-miunte long MSNBC inerview with Russell Tice, an ex-National Security Agency (NSA) employee who is the latest in the long line of NSA whistleblowers after the likes of Wayne Madsen and Magaret Newsham. Tice’s revelations concern the NSA’s monitoring of internal communications in the USA after 9/11. According to Tice, the NSA both swept all US communications and also targeted specific groups, including journalists, for more comprehensive collection.

I have no idea how genuine Tice is and in many ways, despite the occasional choice phrase to describe SIGINT operations like the one with which I titled this post, he is a lot less interesting than Madsen or Newsham in that he’s not really telling us anything we didn’t know already. There is also a rather naive attitude from mainstream organisations like MSNBC that this is all down to the evil President Bush. This seems to suggest a lack of knowledge of history – do they really not remember the massive scandal over the very same use of watchlists by the NSA on behalf of the FBI in the 1960s? The huge inquiry led by Senator Frank Church in the 1970s? Can they continue to pretend that this is all totally new and that we can forget about ECHELON and the fact that this kind of surveillance is pervasive and systematic and becomes more so as technologies of collection, archiving and analysis improve? That is and always has been, what the NSA does in conjunction with its UKUSA network of largely subordinate allies and helpers (see this nice summary from Le Monde).

Of course this could be another explanation of Tice’s role, and the reason why he is being allowed to do the rounds of the newspapers and TV stations. Far from being simply a disaffected employee, he might be either a knowing or unknowing part of a media strategy by the NSA. If the NSA can put this down to a period of bad leadership and bad policy, it might be allowed to get on with what it does relatively unhindered in the Obama era. We shall see… or rather, we probably won’t!

NB: I wrote my PhD thesis on the networks of NSA-related bases around the world, including Menwith Hill, not far from where I live. It is worth checking out Cryptome’s Eyeball series of aerial views of NSA and other secret sites.

Fort George C. Meade, Maryland, Headquarters of the NSA

The new Brazilian ID system

There are more details of the new Brazilian ID card and system on Renato Siqueira’s Conversa Digital blog, including some informative images and photos. It seems that far from eliminating the various different numbers currently used, this new system will merely create a kind of overlay. And, not only that, but the CPF, RG and electoral number will be printed on the back. Unless every single transaction will actually require the taking of fingerprints or the verification of photos, this card will be even more of a convenient source of personal information to thieves and fraudsters than ever before. Plus the chip technology is the same standard format that has proved to easy to clone and access illicitly elsewhere…