David

Virtual surveillance fail

this Open-Circuit TV (OCTV) is also about ´responsibilizing´citizens, trying to turn ordinary people into civic spies. Luckily, whilst people love to watch, they generally refuse to behave as agents of surveillance

The US-Mexican border has been a pretty good barometer of the levels of paranoia, waste and stupidity around immigration and surveillance for quite some time now. Now the El Paso Times of Texas reports on the stupendous failure of one massive initiative that was supposed to spread the burden of watching the border by installing webcams (and associated infrastructure) for US citizens to watch online and report anything suspicious.

Around $2 Million US was sunk into the program, yet it had few tangible outcomes. The figures, released under the Texas Public Information Act show that despite 1,894,288 hits on the website, there have been just 3 arrests out of a projected 1200, and only 8 incidents reported in total out of a projected 50,000.

What made me laugh was the comment from the office of Governor Rick Perry, who initiated the scheme, that the only problem was the way in which the scheme´s success had been assessed – there is a quote from a spokesperson that is a classic of government evasion: apparently, ¨the progress reports need to be adjusted to come in line with the strategy¨!

The only sensible comment on the whole debacle comes from Scott Stewart, a surveillance and security expert from Stratfor, who notes as all surveillance experts already know, that cameras are not that effective at deterring or stopping crime, and blames our naive faith in technological solutions that ¨can provide us with a false sense of security¨.

This isn´t just about whether cameras work though.

Of course there are wider issues about the fairness of US relations with Mexico which, under NAFTA, effectively mean that the US uses Mexico as a source of cheap labour and land for manufacturing and the free flow of goods, but does not permit the free flow of people. However for studies of surveillance, it is also about whether encouraging virtual voyeurism is either socially desirable or effective in reducing crime. In terms of effectiveness, of course Bruce Schneier has been arguing for quite a while that most security schemes are inefficient and counterproductive and there was an excellent paper by John Mueller of Ohio State University exploding the statistical myths around security measures in the War on Terror.

But this Open-Circuit Television (OCTV) – not the the usual Closed-Circuit Television (CCTV) we are used to in malls and big cities – is also about ´responsibilizing´citizens, trying to turn ordinary people into civic spies. Luckily, whilst people love to watch, they generally refuse to behave as states would want and do not willingly become agents of surveillance – as this scheme and the experiment in the London borough of Shoreditch with such participatory surveillance schemes, which was similarly successful amongst viewers but achieved no measurable result and was shelved, show.

Note: Hille Koskela of the University of Helsinki, who works mainly on webcams, has been following the Texas border watch scheme and will be presenting a paper on it at our Surveillance, Security and Social Control in Latin America sumposium here in Curitiba in March… I look forward to hearing her analysis.

Civil liberties in Britain

In February, the Convention on Modern Liberty will be taking place in cities across the UK and online. Unfortunately I will still be in Brazil and there are no listed events in Newcastle, which is a great shame – I would certainly have been organising some. This is an issue that tends to cross party lines and unite people of all political persuasions, so I hope as many people as possible in the UK get involved…

The Guardian newspaper´s Comment is Free site also has a special section set up for the event called Liberty Central. Surveillance Studies Network and Surveillance & Society were supposed to be listed there (they contacted us), but they aren´t yet…

Internet Surveillance in Brazil (2)

I’ve been catching up with what has been going on in Brazil in terms of Internet surveillance over the past few months. The good news is that the opposition has had some success in persuading several members of Brazil’s lower house, the Chamber of Deputies, to take their criticisms seriously.

Sérgio Amadeu, who is an Professor at the Faculade Cásper Líbero in São Paulo, a self-described ‘militant for free software’, and one of the originators of the ‘NÃO’ campaign against the proposed bill of Senator Azeredo, reported in December on the outcome of a public consultation on the bill and a flashmob protest against it in São Paulo in November. The outcome has been that a new counter-proposal is being developed by various activist organisations and individuals together with Deputy Julio Semeghini favouring Internet freedom. In fact, the proposal would recast Azeredo’s proposed law on the basis of net citizenship rather than cybercrime.

Professor Amadeu claims that now the Ministry of Justice is in contact with the campaign and that the Secretary for Legislative Affairs at the Ministry, Pedro Abramovay, has apparently shown that he is rather more interested in an appropriate balance between Internet freedom and security. I am always rather suspicious about talk of ‘balance’ in these contexts, and we still don’t know who these impressions will be transformed into action or how many lower house legislators share Deputy Semeghini’s view, but it sounds like there is some reason to be positive – that and the fact that as of today, 134494 people have signed the petition against Azeredo’s bill.

Where I’m not…

If I’d known about it, I would have been here at Campus Party 2009 this week. Just the biggest computing event in the world, right on my doorstep, and I hadn’t even noticed, and what is more they had a panel on security… oh well, I can’t be everywhere!

The robots are coming and now they’re angry…

A mindless drone robot is one thing but an independent robot with a tiny mind capable only of death and destruction – that is something else entirely.

Whilst I was doing my PhD in the late 90s, I met a guy called Steve Wright who used to run the Omega Foundation (who were like the ‘Lone Gunman’ organisation from the X-Files, but for real), and who is now at the Praxis Centre at Manchester Metropolitan University, UK. He was investigating the development of new forms of automated killing and control systems and ever since then, I’ve been keeping an eye on the development of remote-controlled and increasingly automated surveillance technologies, and in particular the development of robotic devices that are able not only to collect or transfer data, but to respond physically.

Two stories this week reflect the variety of developments in all kinds of different arenas, and raise all sorts of issues around the distancing of human responsibility from material, in many cases, punitive or lethal action.

'Intruder' captured by web-slinging robot — Japanese security robot (AP)

The first was the news that Japanese technologists have produced a mobile remote-controlled robot that can fire a net over ‘intruders’. Until recent years such developments had been carried out largely in the area of military research by organisations like the RAND corporation in the USA. However, particularly since the end of the Cold War when military supply companies started to look to diversify and find new markets in a more uncertain time when the ‘military-industrial complex’ might no longer ensure their profits, there has been a gradual ‘securitization’ of civil life. One consequence of this has been that so-called ‘less-lethal’ weapons are increasing regarded as normal for use in law enforcement, private security organisations and even by individuals.

However a further change has been in the when these operations can be automated when an intermediary technology using sensors of some kind is placed between the person operating them and the person(s) or thing(s) being monitored. This removes the person from the consequences of their action and allows them to place the moral burden of action onto the machine. The operation is aided still more if the machine itself can be ‘humanized’, in the way that Japanese robots so often are. But a kawaii(cute) weaponized robot is still a weaponized robot.

In the skies above Afghanistan, Iraq and Gaza however, ‘cuteness’ doesn’t matter. Remote-control military machines have been stealthily entering the front lines, colonising the vertical battlespace, with lethal consequences that have not yet been considered enough. This week we saw US unmanned aircraft operated by the CIA kill a total of 21 people in Pakistan, one of the few aspects of Bush-era policy that new President Obama has not (yet) promised to change.

All of these machines are still under some kind of control from human operators, but several profoundly misguided scientists are trying to create systems that are more independent, even ‘intelligent’. This week, I read about Professor Mandyam Srinivasan of Queensland University in Australia who, at least according to a report in The Australian, thinks it is a great idea to give missiles brains like angry bees. A mindless drone robot is one thing but an independent robot with a tiny mind capable only of death and destruction – that is something else entirely. I can think of few things that are less in the spirit of social progress than this, but he’s hardly the only one thinking this way: there are billions of dollars being pumped into this kind of research around the world…

New UK government attack on information rights

… a blatant attempt to gut the already inadequate safeguards in the Data Protection Act…

Time for some news from back home in Airstrip One… I’ve argued since our Report on the Surveillance Society came out back in 2006, that two of the biggest problems with information rights in Britain are:

the lack of any constitutional protection for personal information and the consequent contingency of any laws on data protection; and
the apparent belief on the part of the state that it has information rights over the personal information of citizens (or subjects, in reality).

Thus the state can demand information for the ID card scheme under threat of fines or even imprisonment, yet it is entirely the individual’s fault if information is incorrect.

Now, the ever-vigilant NO2ID campaign has noticed something that few others have, that hidden in a new criminal justice bill, the Coroners and Justice Bill is a measure to amend the Data Protection Act to enable government ministers to issue so-called ‘Information Sharing Orders’.

The clause (152, in Part 8, if you’re interested) reads as follows:

152 Information sharing

(1) After section 50 of the Data Protection Act 1998 (c. 29) insert—

“Part 5A Information Sharing

50A Power to enable information sharing

(1) Subject to the following provisions of this Part, a designated authority may by order (an “information-sharing order”) enable any person to share information which consists of or includes personal data.

(2) For the purposes of this Part—

“designated authority” means—

(a) an appropriate Minister,

(b) the Scottish Ministers,

(d) a Northern Ireland department;

“appropriate Minister” means—

(a) the Secretary of State,

(b) the Treasury, or

(3) For the purposes of this Part a person shares information if the person—

(a) discloses the information by transmission, dissemination or otherwise making it available, or

(b) consults or uses the information for a purpose other than the purpose for which the information was obtained.

(4) A designated authority may make an information-sharing order only if it is entitled to make the order by virtue of section 50C and it is satisfied—

(a) that the sharing of information enabled by the order is necessary to secure a relevant policy objective,

(b) that the effect of the provision made by the order is proportionate to that policy objective, and

(c) that the provision made by the order strikes a fair balance between the public interest and the interests of any person affected by it.

(5) An information-sharing order must—

(a) specify the person, or class of persons, enabled to share the information;

(b) specify the purposes for which the information may be shared;

(6) An information-sharing order may not enable any sharing of information which (in the absence of any provision made by the order)”

Whilst this is not necessarily “as grave a threat to privacy as the entire ID Scheme” as NO2ID claim, the clause is written so broadly (a characteristic of New Labour’s approach to legislating) that it could mean that a Minister with the will could authorise any kind of personal information from any source to be used for as yet unspecified purposes for which it was never intended to be used. It is a blatant attempt to gut the already inadequate safeguards in the Data Protection Act, albeit in particular (ill-defined) instances and at Ministerial level, rather than a blanket provision applying to almost all public authorities (like say, the Regulation of Investigatory Powers Act(RIPA) which enabled local authorities to spy on people for tiny suspected infractions).

However, we shouldn’t allow the precedent to be set at any level…

Check the No2ID site for what you can do to stop this clause.

Identity and Identification in Brazil (continued)

…the Brazilian driving licence is a goldmine of personal information…

I spent a little while over the last couple of days examining the actual material identity documents currently required in Brazil. Here are some pictures with a little explanation. There will be a lot more in the final article!

The first is the simplest but in many ways the most important to life-chances. This is the Cadastro de Pessoas Físicas (CPF) (Register of Physical (or Natural) Persons) card (or Taxpayer’s Card).

‘Pessoas Físicas’ is a a piece of legalese that is draws a distinction between humans and other ‘legal persons’, like corporations or governments. The CPF number is issued to all those who pay tax and is essential if one wants any formal work. The actual document is a blue plastic card like old-style credit cards, which also has a machine readable magnetic strip on the back.

The number is also required for many other government transactions, and it is, apparently a major disaster if you lose the card, or if for some reason, your CPF number is rescinded (which can happen if you don’t pay tax in Brazil for more than a year, for example if you are abroad, without explanation). Many people who live in the favelas, and who are involved in the shadow economy do not have a CPF, which is a severe obstacle to social inclusion.

The second document is the Registro Geral (General Registry) (ID) card, a double-sided piece of thick paper, just larger than a credit card. It is oriented vertically at the front and horizontally at the back.

As I noted in the first post I made on this subject, the RG card cross-references the CPF and also birth certification (it lists the full names of both mother and father and city and state of origin). This card is the one that is being replaced by the new RIC smartcard ID system.

Finally, we have the Carteira Nacional de Habilitação, the driving licence which, despite its name, is issued at state rather than national-level. The colour and format differs from state-to-state, however they all have pretty much the same level of information (a lot!) and cross-identification with other forms of ID. This one is from Paraná, which is a paper usually folded in half horizontally. It is specifically forbidden to laminate it.

The Brazilian driving licence is a goldmine of personal information. Partly this is because the licence had been intended to be a unifying piece of identification (a practice typical of ‘autocentric’ cultures!), containing all the information on both the CPF card and the RG card, and more. This will now not be the case following the issuing of the new RIC cards, so it will be interesting to see if the quantity of information on these licences will be reduced or, if not, what the justification will be for having this much visible personal information on one paper document.

Obama’s new NSA-approved PDA

One story I didn’t mention last week, but which still seems to be doing the rounds, is the saga of new US President Obama´s PDA. Obama is well-known as a Blackberry-addict, using it constantly during the campaign, but as CNET pointed out such wireless devices are known to be highly insecure and vulnerable to all kinds of illicit monitoring and capture. There is, however, one device approved by the US National Security Agency (NSA), which its own employees use, the Sectera Edge Secure Mobile Environment Portable Electronic Device (SME PED), made by defence contractor, General Dynamics C4 Systems of Scottsdale, Arizona. It looks pretty similar to athe Palm Treo series, apart from the strengthned chasis, ‘secure’ ports and special ‘trusted’ display… all this for just $3500! (I hope he´s better at not losing his phones than me…)

The rest of us, I guess will just have to put up with our insecure communications. The CNET article gives plenty of scary examples of just how insecure they are to simple hacking, even without the NSA’s rather more sophisticated programs. Of course even such NSA-approved ‘secure’ systems will undoubtedly have built-in backdoors that are accessible to the NSA, which is one of the main reasons they are even involved in the development of such technologies. And it is not just these unusual products of course – remember the Windows backdoor revelations from a few years back? Or further back, the Swedish government’s discovery that the NSA could access all their encrypted Lotus Notes documents – this later reverse engineering of the backdoor by Adam Back shows that the spooks are not without a (very bleak) sense of humour. Obama might now have secure communications, but there is always one agency whose evesdropping even he will not be able to avoid…

Utopian urbanism

…it is the adventurous, progressive, social democratic spirit of the New Deal and the World’s Fair that it is most worth revisiting now…

Naxos´ rerelease of The City — Naxos' rerelease of The City

A post which has little to do with surveillance and security today, but much more to do with another of my interests, in urban futures…

The predominantly classical music company, Naxos, has issued a new version of the classic 1939 documentary, The City, which was released to coincide with the New York World´s Fair. The film is a superb piece of work in many areas – a great script by the legendary urbanist, Lewis Mumford, based on his book, The Culture of Cities, luscious cinematography by Ralph Steiner and and Willard van Dyke and, the reason why Naxos is involved, a brilliant score by Aaron Copeland, which has been re-recorded for this release. It is already available for free download from the Internet Archive (a treasure house of historical material), but of course you won´t get the specially rerecorded score or the extra documentaries that accompany the anyway relatively inexpensive re-release.

Despite its serious message, the film ultimately shares the optimistic atmosphere of the World’s Fair – see, for example, Andrew F. Wood’s lovely site full of those influential images of progress that so shaped the rest of Twentieth Century’s idea of what the future would look like and then later, should have looked like. Today, it has acquired a new relevance, produced as it was out of that amazing surge of energy in US society resulting from Roosevelt’s solution to the Great Depression, the New Deal. Mumford´s admonition that “the age of rebuilding is here. We must remold our old cities and build new communities, better suited to our needs” (see this article about the movie) has never been more pertinent. As of 2007, we entered an age when the majority of the world’s population is living in cities that are already divided by extremes of wealth and poverty (especially here in Brazil), and a global recession is developing, which should cause humanity to rethink its priorities.

The 1930s saw the best and worst of the drive to utopianism. Some of those paths resulted in the holocaust and the gulags, some led to the unsustainable consumer capitalism we are still trying to revive, but it is the adventurous, progressive, social democratic spirit of the New Deal and the World’s Fair that it is most worth revisiting now.

Here in Brazil, another nation, like the USA, which struggled throughout the Twentieth Century to fashion itself into a democratic utopia, we can also see this spirit embodied in the gorgeous curves of Oscar Niemeyer‘s fluid Brazilian modernism. Lewis Mumford may be long gone, but Niemeyer is still with us at 101 years old, and still working with the same commitment.

It is a sobering thought that it will not be long before there is no-one left from that generation of urbanists, the generation that was committed to invention, beauty and social progress. Here’s to them…

(thanks to Janet Forbes of York University, Toronto, whose post to a mailing list inspired this reverie)

Ever fancied global domination?

The always interesting Very Short List draws my attention to a neat bit of web design cum surveillance art installation: the Henchman’s Helper. Designed by Joel Friesen, it is a window onto some deranged mind bent on global domination, showing a retro atompunkish console on which are displayed over 40 feeds from satellite mapping applications, webcams and weather channels. What’s more, the code is Creative Commons-licensed so anyone can adapt it to their own evil purposes!

This is all good fun but it also brings to mind something I reported on last year, so-called ‘surveillance in a box’ products (see the article in New Scientist), integrated data-fusion systems, combining automated searching and cross-matching of data from multiple sources, such as Siemens and Nokia’s joint venture into so-called ‘Lawful Interception’ Intelligence Platforms. This could lead to powerful multifunctional surveillance, including things like telephone monitoring being available to nations with dubious human rights records, private corporations and even wealthy individuals as the cost of such packages comes down. This will make what Greg Elmer calls ‘personal information economies’ into private intelligence services for some…