Category: databases

US subversion in Norway

Norway has long been a close ally of the USA. Outside of the EU, but inside NATO, it provided bases and consistent support for the USA during the Cold War, unsurprisingly seeing neighbouring USSR as a serious threat to its interests. Yet… those days would seem to be long gone, at least as far as the US is concerned, if a story recently revealed is to be believed.

According to the Dagbladet newspaper, Norway’s TV2 News reported that 15-20 Norwegians, including ex-police, had been recruited by the US Embassy over 10 years to form a secret group, the Surveillance Detection Unit (SDU) that would apparently monitor terrorist threats in Norway. The group operated from a building near the embassy, and collected information on hundreds of Norwegian citizens, whose details were added to a database called SIMAS (Security Incident Management Analysis System).

This was all done apparently without the Norwegian government’s consent, although according to the report, the US Embassy has admitted carrying out the program. The question is – is this standard US practice, or simple a ‘rogue’ embassy group of bored spooks getting above themselves? The answer is that it is almost undoubtedly the former. SIMAS is the US diplomatic service’s global database. According to a Privacy Impact Assessment (!) submitted by the State Department on the system:

“Security Incident Management and Analysis System (SIMAS) is a worldwide Bureau of Diplomatic Security (DS) web-based application, which serves as a repository for all suspicious activity and crime reporting from U.S. Diplomatic Missions abroad (all U.S. embassies and consulates). Department of State personnel, including Diplomatic Security personnel, regional security officers, and cleared foreign nationals, enter Suspicious Activity Reports (SARs) into SIMAS as a central repository for all physical security incidents overseas. SIMAS Reports typically contain a detailed narrative description of the suspicious activity prompting the report, available suspicious person(s) and vehicle descriptors, and other identification data as may be available (e.g. photographs). Reports also indicate date, time and location of suspicious activity, and may include amplifying comments from relevant Bureau offices.”

The data entered into the system on individuals include:

“Citizenship Status and Information (source-documents)

  • DSP-11 (Passport Application)
  • OF-156 (VISA application)

Biometric Information (source-observation and photography)

  • Gender
  • Race
  • Height
  • Weight
  • Eye Color
  • Skin Tone
  • Hair Color
  • Hair Style
  • Images
  • Age or Estimated Age
  • Body Type (Build)
  • Scars, Marks, & Tattoos

Other (source-personal interview by authorities)

  • Name
  • Address
  • DOB
  • Telephone Number
  • Father’s Name
  • Mother’s Name”

It is supposed to be limited to “suspicious or potentially threatening incidents gathered from observations in the vicinity of a post” in order to protect the embassy, however it seems that far more was going on in the case uncovered in Norway, and it would not be surprising if the SDU was operating as a cover for a range of other intelligence activities.

Update: the Norwegian government is now complaining to the US government about this, saying that it breaks Norwegian privacy laws. But, but… they did a PIA! Surely everything is okay now? Oh, and the US claim that “Norwegian authorities had been informed in advance about the surveillance activities.” Hey, this means someone is lying to us! Surely not… 😉

Surveillance, Coercion, Privacy and the Census

There’s been a huge furore here in Canada about the current government’s decision to abolish the long-form census. I’ve been following the debate more interested in what the proponents and opponents have been saying about privacy and surveillance rather than intervening. But it’s about time I got off the fence, so here’s my two cents’ worth. It may come out as an op-ed piece in one of the papers soon, I don’t know…

Sense about the Census:

Why the Long-form Census debate really matters.

The debate about the scrapping of the long-form census is in danger of being unhelpfully polarized. The result can only benefit the current government to the long-term detriment of the Canadian people. On the one hand, some of those campaigning for the reinstatement of the survey have dismissed issues of surveillance and privacy. On the other hand, supporters of its abolition have referred to ‘privacy’ and ‘coercion’ as if these words in themselves were reason enough to cut the survey. But the whole way in which privacy has been discussed is a red herring. We need to reaffirm a commitment to privacy alongside other collective social values not in opposition to them. We need privacy and we need the census.

First, coercion. The long-form census is undoubtedly a form of coercive state surveillance. One only has to glance at the recent history of state data collection and its role in discrimination and mass-murder to see that that one can be far too blasé about the possibility of states misusing statistics. Examples abound from the Holocaust to the genocide in Rwanda, and there is no reason to suppose that this could never happen again. In fact technology makes discrimination easier and more comprehensive: with sophisticated data-mining techniques, inferences can be made about individuals and groups from disparate and seemingly harmless personal data.

However, just because censuses have the potential for abuse, this does not make them wrong. Surveillance forms the basis of modern societies, good and bad, and coercion is all around us from the time we are children told by our parents not to play on the stairs. Coercion can be caring, protect us and improves our lives. The long-form census would have to be shown to be unfairly coercive, or not have enough beneficial policy outcomes to justify any coercion. This, the government has failed to do, whereas the campaign for the restoration of the survey has highlighted numerous examples of improvements in communities across Canada resulting from long-form census data.

Now to privacy. The campaign to restore the long-form census has seen frequent instances of the argument, ‘nothing to hide, nothing to fear’. This is one of the most glib arguments about privacy and surveillance, not only because of the potential abuse of state data collection but also because it assumes so much about what people should want to keep private. Another common argument is that privacy is irrelevant because ‘everyone gives away their personal information on Facebook anyway’. But the fact that some people chose to share parts of their lives with selected others does not imply that any infringement of privacy is acceptable. Privacy depends on context. Social networking or marketing trends do not mean that ‘anything goes’ with personal data.

In making these arguments, campaigners end up unwittingly bolstering a government strategy that relies not only on the evocation of ‘coercion’ but on pitting individual privacy against collective social goals. Yet, the government’s position is misleading. Privacy is not simply an individual right but also a collective social value. And further, just because the data is collected from individuals by the state, does not mean that the state infringes on privacy. It depends on whether the data is stored without consent in a way that identifies individuals or is used in a way negatively impacts upon them.

However, Statistics Canada have demonstrated a commitment to privacy within the census process. The long-form census data is not used to identify or target individuals. It is aggregated and used for wider community purposes. As Statistics Canada say quite on their website: “No data that could identify an individual, business or organization, are published without the knowledge or consent of the individual, business or organization.” The census returns are confidential and Statistics Canada employees are the only people who will ever have access to the raw returns, and they are bound by The Statistics Act. All this was confirmed by the Office of the Privacy Commissioner of Canada, who found the 2006 census fully compliant with privacy law.

So both privacy and coercion are red herrings. The conduct of the long-form census has demonstrated a commitment to privacy alongside other collective social values in support of individuals and the wider community. This moderate, sensible and profoundly Canadian position is now under threat. That is why this debate matters.

Further details on the new UK government’s Civil Liberties agenda

The UK full coalition agreement between the Conservatives and Liberal Democrat parties has just been published. It includes a section on civil liberties which is much more than we could have hoped for and which makes no mention of rolling back the Human Rights Act or the more ludicrous fringe Conservative demands… In full it is as follows:

“The parties agree to implement a full programme of measures to reverse the substantial erosion of civil liberties under the Labour government and roll back state intrusion.

This will include:

• A freedom or great repeal bill;

• The scrapping of the ID card scheme, the national identity register, the next generation of biometric passports and the Contact Point database;

• Outlawing the fingerprinting of children at school without parental permission;

• The extension of the scope of the Freedom of Information Act to provide greater transparency;

• Adopting the protections of the Scottish model for the DNA database;

• The protection of historic freedoms through the defence of trial by jury;

• The restoration of rights to non-violent protest;

• The review of libel laws to protect freedom of speech;

• Safeguards against the misuse of anti-terrorism legislation;

• Further regulation of CCTV;

• Ending of storage of internet and email records without good reason;

• A new mechanism to prevent the proliferation of unnecessary new criminal offences.”

All of these points are excellent. They lack detail of course, and the devil is always in the detail, and I would have liked to have seen a little more on what would be included in the ‘great repeal’ given that later it only talks about ‘safeguards’ against the abuse of anti-terrorism laws, but really this is as good as anyone could have hoped for, even, though they may not admit it, many of the more socially-liberal Labour Party supporters. The reform of libel laws and commitment to transparency is equally as welcome as the rolling back or regulation of surveillance, and this seems to extend into other parts of the agreement for the reform of government and elections. I hope the eventual full programme will also include some rationalisation of the crazy landscape of multiple ‘commissions’ to regulate different aspects of state-citizen information relations, in favour of an expanded and more powerful Information Commissioner’s Office, but we will see. However, this is a great start (and I never, ever, thought I would be saying that about a Conservative government…).

UK ID Card Program scrapped after election (and more)

As both the Conservative Party and the Liberal Democrats in the UK had the scrapping of the National Identity Card card scheme as part of their manifesto, the unpopular program has been suspended immediately by the new coalition government, pending further announcements.

The full statement reads as follows:

“Both Parties that now form the new Government stated in their manifestos that they will cancel Identity Cards and the National Identity Register. We will announce in due course how this will be achieved. Applications can continue to be made for ID cards but we would advise anyone thinking of applying to wait for further announcements.

Until Parliament agrees otherwise, identity cards remain valid and as such can still be used as an identity document and for travel within Europe. We will update you with further information as soon as we have it.”

But although the cards will almost certainly go, despite the statement it is unclear yet what will be the fate of the National Identity Register (NIR), the new central database at the heart of the scheme. Neither party, and the Tories especially, said anything specific in their manifestos about scrapping the database, so we will see what happens here – although the statement issued seems categorical about this too. Although the end of the card scheme reduces opportunities for the ‘papers, please’ style abuse of minorities, it is the database that is of biggest concern to those interested in surveillance and social sorting. I have long favoured a secure central government Information Clearinghouse, which whilst transferring necessary information as needed and consented to between different parts of government, would not in itself hold any data. I suspect however, that some fudge will emerge!

In the meantime, the price of the coalition also was reported to include new legislation regulating video surveillance (CCTV) cameras (only about 20 years too late, but that’s the speed of British politics for you), and the review of many of the new powers in the (Anti-)Terrorism and Civil Contingencies Acts (and perhaps the Regulation of Investigatory Powers Act too – though it hasn’t yet been mentioned specifically). It is very rare that legislation is repealed or rolled back but we may yet see an increase in civil liberties under the new coalition. The one big worry in this are though is the Conservative opposition to the Human Rights Act – however with their Liberal Democrat partners being committed to the HRA, I can’t see any moves to repeal the act in this Parliament.

I am cautiously optimistic…

No need to fear a database society?

Peter Bradwell of Demos raises some interesting points in his summary of their new report on people’s attitudes to state databases in the UK, but he also sets up a straw man, and as I am one of the people implicated, I object to this. He argues that there are many positive sides to databases (of course!) and contrasts this with the former Information Commissioner’s statement on ‘sleepwalking into a surveillance society’ as ‘fear-based’. However, the reaction of the ICO was to commission a report in 2006, which I coordinated, to examine the concept of the ‘surveillance society’. This was pretty balanced and stressed the positive aspects of surveillance as much as the negative, indeed it did exactly the kind of assessment that Demos claims it’s doing here. So it’s rather ironic that the author is trying to stop people being afraid of the word ‘database’ yet still promoting the idea that ‘surveillance’ is automatically a bad thing to be feared! However, I would urge rather less optimism. We’re currently writing an update to our 2006 report and it’s pretty clear that in most areas, the UK has gone further, faster, than even we anticipated.

The basic argument of Demos appears to be that if all of this was under some kind of accountable control, then perhaps one might have grounds for optimism. But that’s true of just about almost anything and it’s a rather big ‘if’. What are the developments in the direction of accountability that they have seen which give rise for optimism? There are none in the piece, and the report itself is about what people think about state databases. That is very interesting from a political point of view, but unfortunately doesn’t tell us much about what is actually happening or likely to happen, only what people believe about it. Of actual examples of increasing accountability recently, I can only think of the state’s retreat on RIPA, but that wasn’t particularly profound, and the only other serious changes have come when the British government’s hand has been forced by European Court decisions (on the National DNA Database, for example)… can Demos help me out here with more than just the fact that people don’t think it’s that bad? I will have to read the full report and get back to you…