Today there probably won´t be that much new here as I am concentrating on preparing for interviews for the next two weeks in Saõ Paulo and Brasília. I will be talking to various NGOs (mainly concerned with urban violence and security), academics, parliamentarians and representatives for the federal police and government ministers. I am also meeting Danilo Doneda later today, who is the leading Brazilian legal expert on privacy and data protection, and a member of the Habeus Data network, which campaigns for information rights in Latin American.
(My netbook has also decided not to work today, so if I can´t get that fixed there might not be much here at all for the next two weeks! Why do these things always happen just when it is least convenient?)
the mixture of assumptions seems dangerous: a lack of genuine understanding combined with categorical friendship (analogous to categorical suspicion, the basis of profiling in policing) and technologies that unless actively adjusted all the time for all of those massive number of connections, allow you to be utterly exposed…
I’ve just seen that Google has launched its Latitude service, which allows you (once you register and add your phone number) to be tracked by all your ‘friends’, and correspondingly, for you so see your ‘friends’ – if they have signed up. I put the words friends in inverted commas with some sadness because the word seems to have become increasingly meaningless in the age of Facebook when accumulating ‘friends’ seems to have become a competitive sport. This is not entirely irrelevant to Latitude for reasons we will come to in a minute.
There are various questions about this.
A colleague comments that like many other tracking services, the way it is set up he assumed you could access the project if you just had access to someone else’s phone and a computer (or WAP/3G phone) at the same time. Perfect for a over-protective or suspicious parent, a suspicious, husband, wife, boyfriend, girlfriend – or anyone else for that matter.
The privacy policies are a mixture of Google’s standard (and already questionable) privacy statement and a new set of policies on ‘location privacy’, which state that:
“Google does not share an individual person’s location with third parties without explicit permission. Before someone can view your location, you must either send a location request by adding them as a friend or accept their location request and choose to share back your location.”
You can also change settings so that your location can be automatically tracked, manually selected, or hidden. If you are signed out of the service, you will not be on any map either. You can also change settings for specific friends, including hiding your location from them, share only the city you are in, or removing them from your Latitude list.
Now this all sounds very good, even fun – although it could be a recipe for all kinds of suspicions and jealousies – but it all depends on what the nature of ‘friendship’ means to the person using the service. Friendship no longer seems to require personal knowledge but simply matching categories. I was writing earlier about the loss of trust in South Korea, but the reformation of trust that occurs through social networking seems not to require the dense networks of interdependence in real life that traditional forms of social trust were built on. It doesn’t seem like a substitute, the mixture of assumptions seems dangerous: a lack of genuine understanding combined with categorical friendship (analogous to categorical suspicion, the basis of profiling in policing) and technologies that unless actively adjusted all the time for all of those massive number of connections, allow you to be utterly exposed, laid bare in time and space.
The most extreme examples of this personal surveillance are not in the relatively comfortable worlds that tech enthusiasts inhabit but firstly, in conflict zones – after all ‘I know where you live’ has always been one of the most terrifying and chilling expressions you can hear in such circumstances (see Nils Zurawski’s article on Northern Ireland in Surveillance & Society) and now it could be in real time; and secondly, in authoritarian, or even just paranoid countries. Here, real-time location data could be a goldmine for intelligence services, and it is not as if Google and Yahoo and others have bravely resisted the attempt of, for example, the Chinese government to suborn them to its illiberal requirements.
Now, perhaps this makes me sound very conservative. I’ve never joined a single social networking service – like, how Twentieth Century is that?! – but I am also sure that this service will be both used and abused in all kinds of ways, some that we expect and some that we don’t. It might be a tool for overprotective parents, for jealous lovers, for stalkers and even for killers; but it will also be a tool for new forms of creativity, deception, performance and play.
Or it could be just utterly pointless and no-one will bother using it at all.
(thanks to simon for the heads up. As it happens, Surveillance & Society currently has a call for papers out on ‘Performance, New Media and Surveillance’, to be edited by John McGrath and Bill Sweeney)
I can’t say I am remotely surprised, but in the journal, Homeland Security Affairs, Marcus Holmes has written a comprehensive demolition of the claim that the US federal government’s No-Fly List is an efficient security policy. He isn’t concerned with civil liberties – ACLU has done that elsewhere – nor with effectiveness – Bruce Schneier nailed that one a while back. He simply demonstrates, using elementary Cost-Benefit Analysis that the policy is a big fat waste of money. The article isn’t complicated to understand, so the best thing I can suggest is that you just go read it… (and thanks to Bruce Schneier and Boingboing.net for posting on this one).
the primary limitation to any social networking tool being used for purposes that users don´t like is that the users can just walk
There´s been some discussion recently over surveillance on Facebook and in particular, the question of whether Facebook is planning to make the vast amounts of data it has for more targeted and intrusive marketing. Britain´s Daily Telegraph reported yesterday, based on an interview with Randi Zuckerberg, Facebook’s global markets director (and not coincidentally, sister of founder Mark Zuckerberg), that it was going to do this. It based its conclusion on the fact that Facebook was demonstrating new instant polling tools at the Davos World Economic Forum, Facebook´s development of so-called User Engagement Advertising, and the fact that unnamed ´marketing experts´ say that Facebook could be ´worth millions´to advertisers.
But, it turns out this is putting 2+2 together to make 5. Techcrunch was one of many tech blogs that questioned the Daily Telgraph´s story. They asked Facebook what was going on and were told that the WEF polls were nothing to do with Engagement Ads (which have been on Facebook for a while already) and that ´Facebook has, for many years, allowed the targeting of advertising in a non-personally identifiable way, based on profile attributes. Nothing has changed in our approach, and Facebook is committed, as always, to connecting users in a trusted environment.´
Now I don´t trust The Daily Telegraph, which has been declining in quality over the last few years and cutting experienced journalists in favour of using agency stories rewritten by trainees. But equally I don´t trust Facebook (or for that matter, any company run by rich kids whose only experience of the world is college, but that´s another story…). It is easy to imagine that they encourage such stories to test the waters. If the reaction was less worried, they might indeed decide to reveal themselves as a massive marketing scam, but the primary limitation to any social networking tool being used for purposes that users don´t like is that the users can just walk. Facebook appeared from nowhere to become a global player within a few years and it could disappear just as quickly when the next big thing arrives. The rise and fall of net-based companies is only going to get faster.
(Thanks to Sami Coll and Jason Nolan for bringing this to my attention)
This time they are talking to Dan Trottier and Val Steeves about the way that social networking technologies, and in particular Facebook, track individuals and groups.
I hear on the grapevine that the British House of Lords’ Constitution Committee Report on Surveillance and Data Sharing will be out next Friday 6th February. The inquiry conducted by the committee has been one of the most thorough of any so far conducted, and certainly promises to be more considered than the rather rushed House of Commons Home Affairs Committee report, A Surveillance Society? from last year. Both reports were ordered largely in response to the Report on the Surveillance Society that Surveillance Studies Network wrote for the UK Information Commissioner in late 2006, and which is still getting coverage around the world (see CCTV in Canada for example). Check the Committee’s website for the report itself and, of course, back here for a review, on Friday.
There has been a serious global push for several years now by corporate content creators to hobble the Internet, and turn it into something more like television.
Time to catch up on a story that I missed this week. Boingboing reported the release of the UK government’s consultation document on Digital Britain. I had a eerie feeling of deja vu because the proposals are just like parts of Senator Azeredo’s bill that is halfway through the legislative process here in Brazil. Effectively it regards the Internet as some kind of untamed zone which must be brought under state control through a Rights Agency and ISPs acting increasingly as surveillance agents over the activities of their users, in this case particularly with regard to file-sharing.
The similarity is not surprising. There has been a serious global push for several years now by corporate content creators to hobble the Internet, and turn it into something more like television. The fact that the Digital Britain plan is filed under ‘broadcasting’ on the government’s website says quite a lot about the lack of tech savvy of state regulators in this area. What governments, in listening only to the corporate argument, don’t appear to realise is that we are actually collectively and autonomously coming up with better ways of ‘regulation’ of content through initiatives like Creative Commons and so on.
As in Brazil, where a serious netizen counter-plan is now emerging, with parliamentary support, there needs to be some serious organisation in Britain to present the alternatives to destroying the Internet and all is messy, unruly creativity. The Open Rights Group are trying to do this – let’s get behind them and make this more than just a few tech-savvy usual suspects.
News from Queen’s University’s Surveillance Project that the Surveillance Camera Awareness Network (SCAN), a stellar group of Canadian Surveillance Studies scholars, has released the first phase of its report on Camera Surveillance in Canada.
The report shows that public space CCTV is still relatively rare in Canada, with only 14 cities having implemented it. It argues that despite the lack of evidence for any effectiveness, and the absence of proper informed consent to schemes, the vast majority of the public support cameras largely on the basis of an ill-defined hope that they ‘work’.
My view is that the conditions for a British-style expansion would seem to be in place, were it not for the very different and much more activist role of Privacy Commissioners, informed by research like this, in questioning the need for CCTV. Let’s hope Britain’s role as an experimental surveillance guinea pig for the world will at least teach people elsewhere something…
The authors also mentioned that there is a surveillance series in the Ottawa Citizen that began Wednesday January 29. It features many surveillance studies academics from SCAN and more, and the first piece is really very good.
As another part of the series, the Citizen has adapted the 2016 scenarios that Kirstie Ball and I wrote for the Report on the Surveillance Society for the ICO back in 2006. They have pushed a load of things together so that it doesn’t quite makes sense, but never mind…
Every year, Privacy International publishes a kind of index of privacy. The methodology is qualitative and has a strong element of subjectivity based on PI´s campaigning objectives (for example my colleague, Minas Samatas, finds their assessment of Greece as the best country in Europe in this regard, ludicrous). There are also problems with the equivalence of the all the different categories, both in terms of whether all the surveillance identified is even ethically ´bad´ anyway, and in the adding up of categories to conclude that you can lump together the USA, UK, Russia and China. However, it remains a good focus for discussion and no-one else does anything similar.
Let´s see what they concluded about Brazil. Brazil ends up in the 3rd worst category overall, with a ´systematic failure to uphold safeguards´. In particular, PI condemned:
the role of the courts in weakening constitutional rights of data protection (something I will be coming back to next week);
the lack of a privacy law;
the lack of habeus data provisions;
the lack of a regulatory of personal data and privacy;
an overly simplistic test for the legailty of communications interception;
the new ID law;
recent Youtube censorship;
increasing workplace surveillance, which has only been partially addressed by the courts;
widepsread private interception of intenet and e-mail traffic;
that fact that ISPs are required to keep and hand over traffic data to police;
the extensive road transport surveillance using RFID.
However they also noted:
the protection of the right to privacy of children under a 1990 law; and
the fact that bank records are protected under the constitution, and warrants are required to seize them
I will be going through their country in report in more detail next week and using this as one of the bases for the questions I will ask NGO representatives and parliamentarians in the weeks after wards.
Last week I mentioned the approval of the biometric passports scheme by the European Parliament, and that there were several countries that planned to fingerprint children under the age of 12 despite the legal, ethical and technical problems with this.
However, what I didn´t mention is that – surprise, surprise – Britain is one of the countries that does fingerprint kids, and indeed it has already been fingerprinting foreign children resident in Britain as young as 6. As Privacy International´s Gus Hossein argues on The Guardian´s Comment is Free website, the UK government claims that this is only bcause the EU has forced this upon them when in fact it was the UK government that forced the EU into adopting that position in the first place!
Now, as I mentioned, the European Parliament has pushed the age limit upwards, but will this make any difference to the UK Home Office? Given that the Home Office is still ´carefully considering´ its responce to the kicking it received from the European Court of Human Rights over the taking and retention of the DNA of 857,000 children, I wouldn´t bank on it.
Last week I mentioned the approval of the biometric passports scheme by the European Parliament, and that there were several countries that planned to fingerprint children under the age of 12 despite the legal, ethical and technical problems with this.
ubisurv 