Category: data

Private sector data loss in Japan

I’ve blogged a fair bit in the past about state and private data losses in the UK. In Japan too this has been a big problem, and is a reasons given by central government for the need to centralise databases and by opponents talking about the risk of such centralisation.

The latest major data loss, just the other day, was by the giant banking combine, Mitsubishi UFJ Nicos, which accidentally ‘threw away’ personal data on almost 200,000 customers from 1993 to 2001. Of course MUFJ Nicos say there is no security or financial risk, but then organisations in these situation always say something like that…

Not all of these data losses are accidents however. Back in April, another part of the Mitsubishi keiretsu (a Japanese term for a loosely-connected ‘family’ of companies), Mitsubishi UFJ Securities, fired one of its managers, Hideaki Kubo, who is alleged to have stolen personal data on almost one and and half million customers, and had allegedly already sold data on 49,000 to data brokers for the rather unimpressive sum of just 32,0000 Yen (around $3200 US). He is believed to have had considerable debts.

In short, it doesn’t matter how strong your firewalls are, or how good your computer security is, if there is an employee, or a government bureaucrat with access to sensitive data, who is in financial difficulty or who is simply aggrieved or greedy, then data will leak out. The risks are not small, in fact it seems almost inevitable, and I believe that the number and scale of such losses are probably significantly under-reported by both private firms and government. Of course, it is also significant just how many supposedly reputably companies are prepared to pay for stolen data. This trade is certainly not taken seriously enough by regulators in most countries…

Varieties of anti-surveillance activism in Japan

Although some progressive activists would like it to be otherwise, anti-surveillance feeling is not confined to the left, indeed in many countries, like the USA, libertarian individualist right-wing anti-surveillance activism is perhaps more common. And it seems that such a position is not unusual in Japan either.

Having returned from a weekend of hot springs, fine sake-tasting and eating way too much, today we met with the Mayor of the Suginami ward of Tokyo, Hiroshi Yamada, a prominent figure in the anti-juki-net campaign, and a also one of the leaders of a group of right-wing figures trying to promote a new nationalist grouping at that end of the Japanese political spectrum. But this new right is not at all a simple matter of ‘back to the 1930s’ that some commentators would have you believe. Yes, this group – which also includes the Mayors of major cities including Yokohama and Nagoya as well as popular journalists like Yoshiko Sakurai – has very conservative, revisionist views, on Japanese history, but in many ways they have far more in common with the new US libertarian right in their rejection of large state and high taxes, and in other areas too, for example Sakurai has rather unscientific views on climate change!

Part of the this libertarian outlook is the rejection of state intrusion into the private lives of individuals. Mayor Yamada saw the juki-net system as part of unwelcome movement towards a more top-down society, concentrating power at the centre. He was very clear that the state’s ability to collect information on the individual should be based on what the individual wanted to give up, not on what the state thought it needed (this is very much the opposite of what the Prime Minister’s IT Strategic HQ said to us last week). He was also most concerned about the risks posed by large databases, both as an attractive target to external hackers and to corrupt use from inside operators. Yamada is not opposed to what he calls IT shakai (IT society), but the use of IT should be based on what is useful to individuals, and of course what is actually he needed, he argued, would often be less expensive than the massive computerisation schemes favoured by the current administration as part of their i-Japan strategy. In this sense, he said he would oppose any move to unnecessary centralised databases and certainly to any possible national ID register or card.

In most respects, what Mayor Yamada said could probably have been said by any left-wing civil liberties activist in the UK, or by conservative right opponents of intrusive state like Conservative ex-Shadow Cabinet Minister, David Davis. Perhaps many aspects of what is felt to be wrong with surveillance society do not correlate neatly with old left-right divisions. This view was shared by Toshimaru Ogura, a Toyama University professor and major figure in left-wing anti-surveillance activism whom we met with just afterwards, along with campaigning journalist, Midori Ogasawara again. Just as the Convention on Modern Liberty event earlier in the year showed for the UK, there are many different varieties of anti-surveillance feeling in Japan, and whilst opponents may disagree with each other, and may even find other aspects of the politics of their erstwhile collaborators utterly distasteful, they do collaborate, even if it is only for short periods.

Professor Ogura’s analysis, as that of Ogasawara and indeed of Kanshi-no! whom we met the other day, is much more focused on the way in which surveillance excludes and discriminates – against union members, activists, gaikokujin (foreigners) and so on – and also the ways in which it favours the interests not just of the state but capital. We’ll be talking to groups who deal with the concerns of these excluded people in the last week we are here. Privacy is important, but Ogura’s analysis is concerned with the disproportionate effects of surveillance. It is not just that privacy is affected but that particular groups’ and individuals’ rights are damaged more than others, and those people are not generally the ‘ordinary taxpayers’ to whom Yamada and the libertarian right are trying to appeal.

Like me, Professor Ogura is also particularly interested in the way in which particular corporations and business coalitions pushing technological ‘solutions’ to social and organisational problems can have a profound influence the way government makes decisions. Such coalitions would still be there however large government was, and in some ways, without a government large enough to stand up to the private sector, a different kind of more purely market-driven surveillance society would emerge. In that sense, it is what government does, and to whom it responds, that is more important that more arbitrary questions of ‘size’.

There’s a lot more to consider here too, in particular the extent to which any of the things we consider under the umbrella of ‘surveillance’ are actually and actively part of some coordinated state (or other) plan. I’m starting to develop a sense of this here, but I will leave those thoughts to another post.

(Thank-you to Mayor Hirioshi Yamada, Professor Ogura Toshimaru and again, to Midori Ogasawara for being so generous with their valuable time).

At the IT Strategic Headquarters

Yesterday we visited the Prime Minister’s IT Senryaku Honbu (IT Strategic Headquarters). (This has actually been the only national-level government agency that has agreed to speak to us, and some of the reasons for refusal have been rather telling, not least that of Houmusho (the Ministry of Justice), which claimed that they had nothing to do with privacy and so on, which betrays a level of ignorance about the effects of their own policies that is probably more the result of bureaucratic sectionalism and literalism than anything else but is nevertheless interesting!). The IT Strategic HQ is responsible for developing the ‘i-Japan’ strategy, the latest incarnation of what has at various times been called ‘Information Society Japan’ and ‘e-Japan’ policy. They are also the agency that wrote the most recent Japanese data protection laws, which I wrote about a couple of weeks ago.

We were treated to a prepared presentation on the latest incarnation of the i-Japan strategy, in which the ‘i’ seems to stand for ‘inclusion’ and ‘innovation’ but not apparently for ‘interactive’, which one might expect from its use elsewhere in computing. However it was the brief interview we had afterwards that was more enlightening.

In short, the government has acknowledged that what they originally wanted out of juki-net has failed due to opposition, despite the supreme court victory that ruled that the current cut-down version was constitutional. However, as Kanshi-no! argued, they are not going to back down that easily. The movement towards the creation of centralised government databases will continue, and there most likely will eventually be a fully configured identification system (and card) and rather alarmingly, the new i-Japan strategy makes it quite clear that laws that currently prevent this from happening will simply be changed or removed. They do not want opposition groups, nor indeed the current global recession, to be able to hold up or change these plans.

However the main thrust of development of centralised databases has shifted away from juki-net and the jyuminhyo (residents’ registration) system, towards national insurance, health and pensions. This is, as the agency than runs juki-net, Lasdec, suggested to us – and I am now beginning to think that this suggestion was rather more of a loaded hint than I had first thought – by far the most data-rich area of government records and therefore in many ways more suitable for being the basis of an architecture of central registration and identification. The database that the government intends to create in this area will also have the possibility for citizens to add in (voluntarily, they say), information from private sources, such as bank account and other financial details. Of course this could be more ‘convenient’ in terms of benefits and taxes, but it also puts an enormous amount of previously private data in the government’s hands and presents a huge temptation to identity fraud and theft from both outside and, more importantly inside the state bureaucracy (and let’s not forget, most identity fraud is an inside job).

It gets more worrying still as despite the advanced stage of these plans, the government has apparently still not decided exactly who will have access to this database, and the police in particular, as well as private insurance companies, are still considered as potential users. It seems that although the IT Strategic HQ might have developed data protection in Japan but they do not appear to understand its principles of necessity, proportionality and consent – indeed I asked them about these principles and they really had no serious reply. Instead they claimed that people in Japan wanted to have these central databases because the current fragmented system had led to poor security and data losses, and in any case, ageing society and the pensions crisis meant this had to be done. I have noticed that in Japan, ‘ageing society’ like ‘terrorism’ in the UK, seems to have become the spectre evoked to silence potential criticism.

There are many other issues too: the government is also trying to introduce a voluntary system of Electronic Health Records (EHR), but this is not as developed as the Connecting for Health centralised database that is still experiencing significant problems in its introduction in the UK; and there are some rather less controversial social inclusion measures included the provision of computers for schools and so on. However my overall impression after leaving the IT Strategic HQ was of a government that was determined to press ahead with centralised collection and control of personal information regardless of the views of citizens or of whether it is really necessary even to achieve the policy aims they have. And this won’t change as the result of a change in government either. If, as seems likely, the Liberal Democratic Party (LDP or Jyuminshuto) are voted out, the Democratic Party of Japan (DPJ or Minshuto) which will succeed them, has already said that it will create a central database.

(Thank-you to the officials of the IT Strategic Headquarters for their time).

Why Japan is a surveillance society

We met yesterday with member of the Campaign Against Surveillance Society (AKA Kanshi-No!) a small but active organisation formed in in 2002 in response to the Japanese government’s jyuminkihondaichou network system (Residents’ Registry Network System, or juki-net). plans and the simultaneous introduction of police video surveillance cameras in Kabukicho in Tokyo. We had a long and detailed discussion which would be impossible to reproduce in full here, but I did get much more of a sense of what in particular is seen as objectionable about past and current Japanese government actions in this area.

The main thrust of the argument was to do with the top-down imposition of new forms of control on Japanese society. This they argued was the product of the longtime ruling Liberal Democratic Party’s neo-liberal turn and has thus been some time in the making. It is not a post-9/11 phenomenon, although they were also clear that the G-8 summit held in Hokkaido in 2008 used many of the same forms of ‘community action’ in the name of preventing terrorism as are used in the name of anzen anshin (safety) or bohan (security) from crime in Japanese cities everyday.

However, they argued that this might be a product of neo-liberalism, but the forms of community security were drawn from or influenced by a much older style of governance, that of the Edo-period mutual surveillance and control of the goningumi (five family groups). (this is actually remarkably similar to the argument that I, David Lyon and Kiyoshi Abe made in our paper in Urban Studies in 2007!). Thus the mini-patoka and wan-wan patrol initiatives in Arakawa-ku were seen as as much a part of an imposed state ordering process as the more obviously externally-derived CCTV-based form of urban governance going on in Shunjuku.

Underlying all this was the creation of an infrastructure for the surveillance society, juki-net. They were certainly aware of the way that juki-net had been limited from the original plans, and indeed they regarded these limits as being the major success of the popular campaign against the system, however they argued that the 11-digit unique number now assigned to every citizen was the most important element of the plans and this remained and could therefore serve as the foundation for future expansion and linking of government databases. They pointed to the way that the passport system had already been connected.

Kanshi-no! were also concerned, in this context, about the development of plans for experimental facial recognition systems to be used in Tokyo (at a location as yet unrevealed). This would imply the development of a national database of facial images, and a further extension of the personal information held by central government on individuals.

So was this all in the name of puraibashi (privacy) or some wider social concerns of something else? Certainly, privacy was mentioned, but not as much as one would expect in an interview with a British activist group on the same issues. I asked in particular about the decline of trust and community. The argument here was that community and any lingering sense of social trust had already been destroyed and that CCTV cameras and other surveillance measures were not responsible in themselves. However, from an outside perspective it does seem that there is more of a sense of social assurance and community, even in Tokyo than there is in the UK. I do wonder sometimes when people (from any country) refer back to some time when some idealised ‘trust’ or ‘community’ existed, when exactly it was! Rather than a  particular time, it seems to be a current that either asserts itself or is suppressed of co-opted into the aims of more powerful concerns in particular times and places.

I asked at one point what immediate change or new laws Kashi-no! would want, and the answer was quite simple: no new laws, just for the state to respect the constitution which they said already made both CCTV cameras and juki-net illegal (although of course the Supreme Court recently disagreed).

(Thank-you to the two members of Kanshi-no! for their time and patience with my questions)

At the Tokyo Metropolitan Police HQ

The Tokyo Metropolitan Police HQ in Chiyoda-ku
The Tokyo Metropolitan Police HQ in Chiyoda-ku

We had an enlightening interview, which will give me much to analyse later, with three senior officers from the Seikatsu Anzen Bu (literally, ‘Everyday Life Safety Division’) of the Keisicho (Tokyo Metropolitan Police). Interestingly, this division that was created as a result of the Seikatsu Anzen Jourei (Governor Ishihara’s 2003 Tokyo Metropolitan Government ordinance) and which deals with all the community security and safety initiatives, including CCTV, is separate from the Chiki Bu (the community division) that is responsible for the koban neighbourhood police box system.

Like almost everyone in authority we have met here, the police were convinced that they were not doing surveillance in using the cameras. They also confirmed that almost all of the CCTV systems operated by shoutenkai (shopkeepers’ associations) are not monitored and are simply recorded. They also stressed their deep concern for privacy and the rights of citizens and said that data from the police-operated cameras – of which there are around 150 in Shinjuku (the largest system with 50 cameras in the Kabukicho entertainment district), Shibuya, Ikebukuro, Roppongi and Ueno – was only kept for 7 days unless there was a specific reason to retain it. This is a legal requirement not just a police guideline. The police cameras are monitored both in local stations and in a central control room, but we were told that it was strictly forbidden for us to visit (unlike every other city in which I have done research) as everyone who enters has to be pre-enrolled in the police iris-scan security database.

We talked a lot about the history of the development of CCTV and of community safety initiatives in Tokyo, and Governor Ishihara’s absolutely central role in backing video surveillance became very clear (it’s a shame he has so far refused an interview with us!). What was also particularly interesting was that the police themselves did not think that apparently obvious ‘trigger events’ were as important as it might seem. For example, they claim that the police only really began considering the use of CCTV cameras not after the Aum Shinrikyo sarin gas attacks on the Tokyo underground but because of the influence of G8 summit security. One officer specifically mentioned the Gleneagles summit (which was just starting when terrorists attacked the London transport system), but this was in 2005, well after the TMG had already introduced CCTV, and after which the Tokyo police have not introduced a lot more cameras. So I don’t quite understand their point. It may become clearer once I have the complete transcripts… They also claimed that it was the Tokyo police rather than Japan Railways themselves or the Tokyo Metro authority who insisted on installing CCTV in the Tokyo transport network after the Aum attacks.

The officers talked a lot about community involvement. They dismissed the objections to their public space CCTV systems for several reasons, not least as I have already mentioned that they were not doing ‘surveillance’, but more importantly because they claimed to have done extensive consultation with local community groups, businesses etc. The claimed that they could not do anything without this support. This may have been true for Kabukicho, which was undoubtedly afflicted by an influx of Chinese gangs in the 1990s, but we heard from the local government of another ward that is being lined up for one of the new volunteer-based child safety camera systems being introduced from 2010 that they were given no choice by the police, and that local people were not happy about it. The problem is that this local authority don’t want to be interviewed further about this as they are in a rather delicate position over this new system.

(Thank-you very much to the officers from the Seikatsu Anzen Bu for giving us their time)

The paranoid bubble of Offender Locator

TechCrunch reports that one of the Top 10 current iPhone apps in the USA is something called ‘Offender Locator’. This is a little mash-up that overlays the location of those on registries of sex offenders onto google maps, so you can check where sex offenders live whilst you are on the move.

This is such a world of wrongness, its hard to know where to start.

Let’s begin with the categorisation. The category of ‘sex offender’ varies from jurisdiction to jurisdiction. This app is clearly targeted at parents worried about paedophiles, yet depending on the state, offender registers can include people convicted of innocuous things like public nudity, public urination and simple underage sex (and please don’t try to tell me that a 17-year old kid who has consensual sex with a 15 year-old kid is a technically a paedophile, that’s just normal, whatever the laws of some backwards states may say).

The second thing is that even the US Department of Justice says that such registers cannot be guaranteed to be accurate. So now these non-guaranteed lists are available to you mapped out on your iPhone. Does that somehow make them more accurate? No, but all those red arrows on a map do look much very ‘real’ and scary though, don’t they?

Which brings me to the third point. What are you supposed to do with this ‘information’? It’s hardly empowering, in fact it creates a false view of the world based on fear. Will you not let your kids out within several miles of any red marker on the map, will you take a detour to avoid neighbourhoods with high concentrations of offenders when you are driving, or of course, in contrast, will you deliberately go to such places with a baseball bat to show those sex offenders who’s boss?

Finally, of course, this information isn’t ‘live’. It shows you where sex offenders live, but they aren’t chipped yet, so not where they actually are at any one moment in time. It provides at once a false sense of reassurance and the nagging feeling of doubt that they could really be right behind that tree over there, or in the shadows. And what do ‘they’ look like? That man over there with the 5 o’clock shadow at 11 in the morning sure looks like a sex offender… and there’s definitely some in this neighbourhood, your iPhone says so!

Apps like this, policies like this, also increase the pressure for more ‘comprehensive’ solutions – especially this app. Because it isn’t ‘live’, they’ll be people asking ‘why not?’ Why not tag these people for the rest of their lives with GPS cuffs, or implant them with RFID chips?

Finally, the thinking behind this app is just wrong in terms of what we know about sex offenses. Most real sexual violence and sexual abuse of children takes place within the home and within ‘normal’ family relationships (and ‘normal’ schools and nurseries too). That’s what Mr or Mrs iPhone doesn’t want to hear. ‘It couldn’t be my husband, okay he gets angry with the kids sometimes, but he’s under a lot of pressure at work and I know he loves us…’ Far easier to externalize the ‘threat’, to cast it ‘out there’ amongst the red arrow markers on the streets of some other neighbourhood…

Surveillance isn’t necessarily the same thing as paranoia but when surveillance becomes pathological, paranoia is the result. Some paranoia is about surveillance, some is expressed in surveillance. This kind of apparently democratic, freedom of information app, demonstrates the worst and most pathological places that a society of ubiquitous surveillance can start to go. It creates defensive bubbles of individualized, desocialized paranoia, of protecting ‘the kiddies’ against the threats from the ‘Other’, outside. Perhaps you should just stay inside and buy everything from amazon.com and make your kids live in some virtual world where only those nice marketers can prey on them…

(thanks to Aaron Martin for pointing this snippet of news out to me)

Tokyo Brandscaping and the SuiPo system

Brandscaping is a term used in marketing to describe the metaphorical landscape of brands (either for a particular brand, company or sector), however it is also being used by some researchers, including me, to describe the way in which brands are being infiltrated into urban landscapes, with the ultimate aim of being ‘inhabitable’ perhaps even 24/7 (see for example Disney’s move into urban development with Celebration in Florida).

Contemporary brandscaping makes use of new ambient intelligence, pervasive or ubiquitous computing technologies (‘ubicomp’) and ubiquitous wireless communications to create a landscape in which the consumer is targeted with specific messages directing them to certain consumption patterns. Such communication cans of course be two-way and provide corporations with valuable and very personal data on consumption patterns. As I’ve argued in many presentations over the last few years, ubicomp is necessarily also ubiquitous surveillance (what I call ‘ubisurv’ – hence the name of this blog!) because to work it requires locatability and addressability. Japan, and Tokyo in particular, has been the site for a number of cutting edge experiments in this regard, including the ‘Tokyo Ubiquitous Technology Project’ which embedded 1000 RFID tags which can communicate with RFID-enabled keitai (mobile phones) in upscale Ginza as well as several other pilot schemes around Ueno Park and Shinjuku.

TUTP is not all about marketing surveillance however, part of the scheme has involved ‘Universal Design’ (UD) principles, with one experiment to embed chips in the yellow tactile tiles designed to help guide sight- and mobility-impaired people around the city so that useful access information could be passed through specially-enabled walking sticks. I’m very interested in such experiments as they indicate an alternative direction for ubicomp environments which are about genuinely enabling people who are currently disabled by social and architectural norms, and creating a richer sensory landscape. They show that both surveillance and ‘scary’ technology like RFID chips can be humanised.

Unfortunately in our consumer-capitalist world (and Tokyo is the exemplary city of hyper-consumption), marketing and building brandscapes tends to take priority over enabling the excluded and the disadvantaged. But there are different ways of doing this too, which can be more or less intrusive and consensual. The other day I was talking about the growth in functionality of the Suica smart travel card system. Suica-enabled keitai can now, be used buying all sorts of things and since 2006 there have been a growing number of ‘SuiPo’ (short for ‘Suica Poster’) sites, Suica-enabled advertising hoardings that will, on demand send information to your mobile e-mail address with on particular advertising in which you are interested if you pass your Suica card or phone over a scanner placed next to the poster (see photos below)

The difference between SuiPo and the Ginza RFID scheme however is that it with SuiPo is that it is the consumer who makes the choice whether to activate any particular poster’s additional information system. In this sense it is a development of the i-Mode system in which many keitai can read information from special barcodes embdedded in magazine advertisements. It doesn’t automatically call your phone every time you pass an enabled poster, once you have signed up. Not as high-tech but slightly more consensual. However this will, of course, lead to the accumulation of a lot of data on consumption interests. This potentially generates a massive consumer surveillance tool, because it can be linked up travel patterns (your registered Suica card sends information back on where you go – I was wrong about the absolute differences between London’s Oyster and Tokyo’s Suica systems the other day) and information about consumption.

So will this potential become reality? The page on privacy and data protection on the SuiPo website (as usual the link is hidden away at the bottom of the front page!), is pretty standard stuff except for the legitimate purposes for which the data can be used once you sign up. They are, for those who don’t read Japanese, for:

  1. Sending the specific requested information to you;
  2. Improving services;
  3. Data processing and analysis;
  4. JR East’s promotional marketing; and
  5. JR East customer questionnaires.

Purposes 2 and 3 pretty much allow JR to do anything it likes with the data once you have signed up, and there is no statement as to what can or cannot be done with data once it has been ‘mined’ – analysed and transformed into more useful to the company or other organisations (corporate or state) which might want to buy or access such knowledge. ‘Ubisurv’ indeed…

A juki-net footnote

I had a conversation yesterday (not a formal interview) with Midori Ogasawara, a freelance journalist and writer who used to report on privacy issues for the Asahi Shimbun newspaper. This was mainly to set up further interviews with those who are or were involved with campaigns on surveillance and privacy issues in Tokyo. However I also managed to clarify a few of my own questions about juki-net and the opposition which it attracted.

In short, there seem to have been several objections.

  1. First of all was the objection to the idea of a centralised database, which was able to link between other previously separate databases.
  2. Secondly, there was the fact that this was the national state asserting authority over both local government and citizens. Both Local Authorities and citizens groups had argued for ‘opt-in’ systems, whereby firstly, towns could adopt their own policies towards juki-net, and secondly and more fundamentally, individual citizens could decide whether they wanted their details to be shared.
  3. The third objection was to there being a register of addresses at all. Many people saw this simply as an unnecessary intrusion onto their private lives, and in any case, the administration of welfare, education and benefits worked perfectly well before this (from their point of view) so why was such a new uniform system introduced?
  4. Next there were objections based on what was being networked. The jyuminhyo (see my summary from the other day) is not actually a simple list of individuals and where they live, but is a household registry. It might not, like the koseki, place the individual in a family line, but is still a system based on patriarchal assumptions, with a designated ‘head’ of the household, and ‘dependents’ including wives and even adult children.
  5. Finally, there was the question of the construction of an identification infrastructure. Whether or not juki-net is considered as an identification system, and it does have a unique identifying number for each citizen, and has the potential to be built on to create exactly such a comprehensive system of national identification. Lasdec, who we talked to the other day, may not approve of this, or believe it will happen, but they are only technicians, they are not policymakers and don’t have the power or the access to know or decide such matters. And in the end, if they are required by law to run an ID system then they will have to run it.
  6. There were, as I already mentioned, objections to the potential loss or illicit sharing of personal information. I don’t think this is intrinsic to juki-net, or indeed to database systems, but of course both databases and networks make such things easier. People are also quite cynical about promises of secure systems. Lasdec may say that that juki-net is secure, but there have been enough incidences of government data leaks in the past for people not to accept such assertions.
  7. Finally, Juki-net connects to the border, passport and visa system. The reason that foreigners will finally be included on the jyuminhyo (and therefore juki-net) from 2012 is not therefore to respond to long-term foreign residents’ requests for equal treatment but in fact to make it even easier to sort out and find gaikokujin, check their status, and deal with unofficial and illegal migrants. Groups campaigning for the rights of foreign workers (mainly the exploited South-East Asian and Brazilian factory workers) have therefore been very much involved. Of course it also makes it possible to connect the overseas travel of Japanese people to a central address registry.

I’ll be meeting Midori again soon, I hope, along with other researchers and objectors. I am also still hoping to be able to talk to officials from the Homusho (Ministry of Justice) and the Somusho (Ministry of Public Management, Home Affairs, Posts & Telecommunications), but they are are currently passing around my request to different offices and generally delaying things in the best bureaucratic traditions!

Identification in Japan (Part 2): Juki-net

As I mentioned yesterday, one of the big developments in state information systems in Japan in recent years has been the development of the jyuminkihondaichou network system (Residents’ Registry Network System, or juki-net). Very basically juki-net is a way of connecting together the 1700 (recently restructured from 3300) local authorities’ residents’ registries (jyuminhyo). These are a record of who lives in the area and where, that are held on a multiplicity of different local computer (and even still, paper) databases. Japanese government services are always struggling to catch up with massive and swift social changes, particularly the increased mobility of people, that made first the Meiji-era koseki (family registers) and then the disconnected local jyuminhyo (which were both themselves introduced to deal with earlier waves of increased social and spatial mobility) inadequate.

Operational from 2002, juki-net is restricted by law to only transmitting four pieces of personal data (name, sex, date-of-birth and address), plus a randomly-generated 11-digit unique number. Nevertheless, the system was strongly opposed and has sparked multiple legal challenges from residents’ groups who did not want to be on the system at all, and who considered the risk of data leakage or privacy violation to be too great for the system to be lawful. These challenges were combined together into one class-action suit, which finally failed at the highest level, the Supreme Court, in March 2008. The court ruled that juki-net was constitutional and there was no serious security risk in the system itself but according to some analysts did not address the possibility of mistakes being made by operatives. But this would seem to me to be a problem of data protection in general in Japan, rather than an issues that is specific to juki-net. Like Brazil, but unlike Canada and the UK for example, Japan has no independent watchdog agency or commissioner for safeguarding privacy or kojin deta (personal data), and other than internal procedures, the courts are the citizen’s only recourse. In any case, as Britain’s comparatively frequent incidence of data loss by public authorities shows, even having such a system does not necessarily make for better practice. There is in Japan, as in Britain, training and advice in data protection provided by a specialist government information systems agency.

We interviewed officials at that government agency, Lasdec (the Local Authorities Systems Development Centre) today. Lasdec also developed and runs juki-net and is responsible for the new jyuminhyo / juki-net card that enables easy access to local (and some national) services via the web or ATM-like machines at local government offices. Unsurprisingly they were quite bemused by the opposition to juki-net, which they say was based on a lack of understanding amongst citizens about what it was, and a general fear of computers and databases. They argued that many people (including one or two local authorities) had the impression juki-net was, or was planned to be, an extensive database of all personal information held by different parts of the government, or even was the basis for a new system of national identification or indeed was a new system of national identification – indeed that was the impression one got from reading both Japanese and foreign civil and cyber-liberties groups’ reports in 2002/2003 with plenty of stories of the new Japanese ‘Big Brother’ system (see the archived collection here for example).

However Lasdec argued that both ideas were incorrect. The officials recognised both that the 11-digit unique number was adapted from a previous failed identification scheme, and that juki-net could in theory become the basis for any proposed future national ID scheme, but this was prevented by the enabling law. In any case juki-net was not even the best existing system on which to base an ID system: passport, driving licence and healthcare databases all had more information and certainly information with higher levels of personal identifiability – and no-one seems to be objecting the amount of information contained on the driving licence system, for example. Juki-net has no photos or other biometric data and no historical information. Likewise the residents’ card can have a photo if the resident wishes, but this is not shared through juki-net, and in fact the card itself is entirely voluntary. In addition, only in one city has take-up of the card exceeded more than 50% of the adult population (Lasdec has detailed information on take-up but only published a ‘league table’ without percentages). You also do not lose anything by chosing not to have or use the card.

The officials at Lasdec were, as with many technical and systems engineers in both public and private sectors whom I have interviewed, far more aware of privacy, data protection and surveillance issues than most politicians and mainstream (non-technical) government officials. They did not shy away from the terms kanshi (surveillance) or kanshi shakai (surveillance society) and indeed were as critical of the unregulated spread of things like CCTV in public space as many activists. They saw themselves in fact as controllers of information flow as much as facilitators. They were committed to the minimalist model of information-sharing set out by the law governing juki-net and wanted to find always the ways that information that was necessary to be shared could be shared without the creation of central databases or the exchange of additional unnecessary information. In addition, new laws came into force (in 2006), which make the residential information more private than it was before. In fact, such local registers used to be entirely public (anyone could access them), and now they are far more restricted – this only seems to have been noticed by direct marketing firms, who of course were not 100% happy with this change.

This puts me into a strange position. I have colleagues here who have been utterly opposed to juki-net, and I have always assumed that it was in some way similar or equivalent to the UK National Identity Register / ID card scheme. However in fact, it seems very similar to the ‘information clearing house’ idea which I and others have proposed for the UK, in opposition to the enormous NIR which would seem to suck in every kind of state-held information on the citizen! In addition juki-net does not require any more information from the Japanese citizen than is already held by the state, again unlike the NIR in the UK, for which multiple new forms of information are being requested by the state and indeed there are fines, and ultimately prison sentences, proposed by law for refusal to give up or update such information. In contrast, juki-net is more like the electoral register in the UK, to which hardly anyone objects.

This all makes me wonder exactly what it is that provoked such vociferous opposition to juki-net. If it is a actually or potentially repressive surveillance system, somewhat like Barthes’ famous description of Tokyo, it is one with an empty centre; there is no ‘Big Brother’ only a rather well-meaning set of bespectacled technicians who are just trying, as they see it, to make things work better so that people don’t have to keep proving who they are every time they move to a new area. Perhaps there are particular cultural and political factors (that is after all the working hypothesis of this entire project – and perhaps in making assumptions about both systems and oppositions across borders we obscure the specifics). Perhaps it is the association of the 11-digit number with previous proposed ID schemes. Perhaps, as in Germany, in new government information systems, there are resonances with older systems of identification and control that hark back to more repressive, fascist, times. Or perhaps there is a general cynicism of successive government ‘information society’ / ‘e-Japan’ / ‘i-Japan’ strategies and initiatives, each of which promise empowerment and in practice deliver more bureaucracy. These are some questions I need to explore further with other officials academics and activists.

India to issue biometric ID cards

According to The Times (and many other sources), this week, India is to create a central database, a unique identification number and biometric ID cards for all of its citizens. The scheme will be run by the newly-created Unique Identification Authority and cost an estimated £3 Billion (or around $5 Billion US).

As in Brazil, there is a felt need for such a system because of the proliferation of IDs and the dangers of anonymity and invisibility in a society where this can be a life or death issue. None of this, of course, means that the particular measures chosen will achieve their aims or will not create other problems. The Times with predictable journalistic cliche, calls this the largest Big Brother scheme in the world and the leader of the project is talking about a “ubiquitous online database” . However, it is rather difficult to see how it will be anything like that when most of India’s chaotic multi-level bureaucracy, especially at local level, still ‘works’ on the basis of paper-based filing systems.

There are suggestions too that this has purposes in crime-fighting and anti-terrorism, although the Indian government website on the scheme makes no such claims (which have in any case been discredited in the discussion about the proposed UK National Identity Register and ID card). It instead focuses on how ‘the Unique ID will be helpful in reducing identity related fraud and allow only targeted people to get the benefits from the government’ (MIT website).

Discussions on listservs has also served to question claims made in The Times article. The paper talks about ‘1.2 Billion’ people being enrolled, but in fact the scheme would only cover over-18s, which would be less than 2/3 of that number It also seems unclear exactly how the cards will be biometric. If it is just a photograph and fingerprint, this would be much the same as the Brazilian scheme. Of course the UK had more ambitious plans, but these were scrapped due to cost and reliability concerns.

Japan, where I am now, has instituted its own central database, and unique ID number, juki-net, and I will be talking to one of the people responsible for dealing with the technology that enables local governments to use the system this coming week…

(Thanks to John Bredehoft for pointing out the problem with the figures).