There have been a lot of stories about online services breaching privacy, losing user’s data, being hacked, being to willing to give into state requests for information and much more. But not so much on how companies might provide a positive service that works, whilst respecting privacy, free speech and other fundamental rights. But now ACLU has issued a helpful guide. Clearly, it’s designed for business rather than being a critique of businesses and their practices, and as such is hardly a manual for revolution, but it will be interesting to see who takes notice… and who doesn’t.
Category: Rights
Surveillance devices get smaller… but it’s privacy that vanishes.
I’ve been blogging for a while about miniaturization and the ‘vanishing’ of surveillance devices. This disappearance occurs in many ways, one of which is the incorporation of high-tech surveillance features into objects and devices that we are already used to or their reduction to a size and form factor that is relatively familiar. Two examples coincidentally arrived in my inbox over the last week.
The first was the news that the US Navy has awarded a development contract for binoculars that incorporate three-dimensional face-recognition technology from StereoVision Inc (who may well be the bunch of California-based face recog people I met at a biometrics industry show a few years back). This supposedly gets round the problems that standard two-dimensional face recognition has dealing with unpredictably mobile crowds of people in natural light (AKA ‘the real world’). The issue I’m highlighting here however is that we don’t expect binoculars to be equipped with face recognition. Binoculars may not be entirely socially acceptable items, and already convey implications of creepy voyeurism when used in urban or domestic situations, however this is something else entirely.
The second is the extraordinarily rapid ongoing progress towards working handheld terahertz wave technology (a far more effective form of scanning technology than either the backscatter x-ray or millimeter wave systems used in the bulky bodyscanners currently in use at airports). Just four years ago, I noted the theoretical proof that this was possible, and last month, it was revealed that police in New York were testing handheld terahertz wave scanners, (Thruvision from Digital Barriers) which of course people were likening to Star Trek’s tricorders. The idea that the police could perform a virtual strip search on the street without even having to ask is again, a pretty major change, but it’s also the case that the basic technology can be incorporated into standard video camera systems – potentially everyone with a mobile phone camera could be doing this in a few years.
I’m not a technological determinist, but in the context of societies in which suspicion, publicity and exposure are becoming increasingly socially normative, I have to ask what these technologies and many others like them imply for conventional responses based on ‘privacy’. Privacy by design is pretty much a joke when the sole purpose of such devices is to breach privacy. And control by privacy regulators is based on the ability to know that one is actually under surveillance – when everything can potentially be performing some kind of highly advanced surveillance, how is one able to tell, let alone select which of the constant breaches of privacy is worth challenging? So, do we simply ban the use of certain forms of surveillance technology in public places? How, would this be enforced given that any conventional form factor might or might not contain such technology? And would this simply result in an even more intense asymmetry of the gaze, when the military and the police have such devices, but people are prevented from using them? Do we rely of camouflage, spoofing and disabling techniques and technologies against those who might be seeking to expose us? You can bet the state will not be happy if these become widespread – just look at the police reaction to existing sousveillance and cop-watching initiatives…
Here comes the US ID-card push
For a while now, I’ve been wondering why the US didn’t attempt to push for a national biometric ID card system in the wake of the 9/11 bombings.
Given reported statements from biometrics industry bosses about 9/11 being ‘what we’ve been waiting for’ and so on, one might have expected there to be a major effort in this direction but officially, as Zureik and Hindle (2004) point out, the International Biometrics Industry Association (IBIA) was relatively cautious in its post-9/11 press work, although it argued that biometrics had a major role to play in the fight against terrorism. Even the 9/11 Commission didn’t recommend a national ID card scheme, instead limiting itself in its final report to In its final report, to recommending a “biometric entry-exit screening system” for travelers in and out of the USA.
Part of this is because of the uneasy relations between the federal government and states governments, and suspicion of the former from the latter, and particularly from the political right has meant national ID cards have always been out of the question, even in an era of identification. So even though ID is frequently required in social situations, especially in dealing with banks, police and government agencies, the US relies on the ubiquitous driver’s licenses, which are issued by states not by the federal government. I remember from my time living in the US (in Virginia) as a non-driver, that in order to have valid form of ID, I had the choice of either carrying my passport or getting a special non-driver’s driver’s license, which always struck me simply as an absurd commentary on the importance of the automobiles in US life because, being young at the time, the nuances of federal-state relationships escaped me. And of course, passports won’t cut it for most, as less than 50% of US citizens have one.
So, if the apparently ubiquitous threat of terrorism was not going to scare states’ rights advocates and the right in general into swallowing the industry lines about security that they might usually have lapped up, what would? Well, the one thing that scares the right more than terrorism – Mexicans! More seriously, the paranoia about undocumented migrants combined with the spiralling cost of oppressive yet clearly ineffective border control (walls, drones, webcams, vigilantes etc. etc.) seems to have no done what the fear of terrorism could not, and inspired a push on both the centre and the right for ID cards – not that there’s much evidence that biometric ID cards will do a better job of excluding undocumented migrants, given that they do nothing to address what’s driving this migration – the demand for cheap, tax-free labour in the USA.
Today, not only the beltway insider’s bible, the Washington Post has an editorial demanding biometric social security cards for all (and a concomitant reduction in spending on hardening the border) following on from a cross-party senate recommendation, but also the Los Angeles Times, a paper which in the past has often been wary of the march to a ‘surveillance society’ – indeed it was the first major US newspaper to use this term, way back in 1970 as well as publishing critics like Gary Marx (see Murakami Wood, 2009) – has an op-ed arguing for a national ID card. The LA Times version, written by Robert Pastor, also claims that this is necessary to deal with voter fraud, a constant concern of the right and which always has a strong undertone of racism, so it’s unsurprising coming after a black Democrat has been elected as President for a second time in a tight election. Ironically, however, the President whose supporters are clearly the target of such attacks, has recently made it clear that he is also a supporter of a ‘tamper-proof’ national ID system.
No-one has yet made the international competition argument that is also so often used in these debates (‘if India and Brazil can do it, then surely the USA can’), but this debate is now ramping up in a way that even 9/11 couldn’t manage. Interesting times ahead…
References:
Murakami Wood, David. “The Surveillance Society’: Questions of History, Place and Culture.” European Journal of Criminology 6.2 (2009).
Zureik, Elia, and Karen Hindle. “Governance, security and technology: the case of biometrics.” Studies in Political Economy 73 (2004).
(thanks to Sarah Soliman and Aaron Martin for the newspaper articles…)
$100 to anyone who can find a ‘privacy-compliant camera’ in Canada
Actually, the headline (from the Toronto Metro free paper) is a little misleading as what my friend and colleague Andrew Clement is actually betting on here is that no-one can find a video surveillance system in Canada that is fully compliant with Canadian privacy law. Which of course may of may not be the same as ‘privacy’ in any other terms. But it’s an interesting challenge – that is largely to do with signage. Prof Clement and his team at the iSchool at UofT have been monitoring the way in which video surveillance systems in Canada are signed for quite some time. As their website, surveillancerights.ca (which is also where you can try to claim your $100…) says
“Signs should at a minimum clearly tell you:
- who is operating the camera
- who you can contact if you have questions
- the purpose(s) of the surveillance”
The signs should also in themselves be clearly visible, not hidden away somewhere. There’s more detailed information about requirments here.
So, who’s going to take up this bet?
(Thanks to Matthias Vermeulen for the story and Aaron Martin for noticing the difference between privacy and privacy law.)
New Privacy Survey released
Simon Davies, AKA Privacy Surgeon, and the London School of Economics have a great new survey of privacy predictions for 2013 out now. Key quote from the press release:
“More aggressive action by companies to monetise personal information through advertising will inevitably fuel further controversy, while consolidation of markets such as social networking may induce emerging players to engage dangerous privacy practices.”
Whether 2013 is the tipping point in this regard that the survey suggests or not, it is certainly the case that various ‘lines in the sand’ are being crossed on a regular basis at the moment and if the public aren’t as concerned as the experts surveyed for this report, then privacy may even lose even its tactical utility as a way of opposing surveillance, let alone mean the same thing to most people as it used to.
Is Google taking a stand?
According to Wired’s Threat Level blog, Google is taking a rather tougher stance towards the US federal government when it comes to requests for cloud-stored data for investigations. The company is now, it says, asking for judicial warrants from state organisations. As Wired points out, even though this might seem ethically sound, it is dubious legal ground as the US Electronic Privacy Communications Act allows the federal government access to such documents without a warrant. And yet, no court challenge has yet been made by the government to Google’s stance.
So what is going on here? Is Google serious about taking on ‘the feds’ in favour of users? Is this new pro-user line by Google merely contingent and once something ‘really important’ is demanded, the company would cave in? Is there some other kind of backroom deal? Is Google actually being rather cynical because the company knows that the NSA can access everything they have anyway (and probably by arrangement – after all, the NSA helped Google out a lot in its battle with China’s authorities)? I suspect there is much more to this apparently casual revelation…
The Unbearable Shallowness of Technology Articles… or, what Facebook Graph Search really means.
Wired has a feature article about Facebook’s new search tool. The big problem with it is that its vomit-inducing fawning over Facebook’s tech staff. In trying to make this some kind of human interest story – well, actually the piece starts off with Mark Zuckerberg’s dog, you see, he is human after all – of heroic tech folk battling with indomitable odds to create something amazing – what in science fiction criticism would be called an Edisonade – it almost completely muffles the impact of what a piece like this should be foregrounding, which is about what this system is, what is has been programmed to do and where it’s going.
And this is what Graph Search does, very simply: it is a search engine that will enable complex, natural language interrogation of data primarily but not limited to Facebook. So instead of trying to second-guess what Google might understand when you want to search for something, you would simply be able tell you what you ask. And because this is primarily ‘social’ – or about connection, and you should have already given up enough information to Facebook to enable it to ‘graph’ you so that it knows you, the results should supposedly be the kind if things you really wanted from your query. Supposedly. An FB developer in the article describes this as “a happiness-inducing experience” and further says, “We’re trying to facilitate good things.” However what this ‘happiness’ means, just like what ‘friendship’ means in the FB context, and what “good” means, just like the use of ‘evil’ in Google’s motto, is rather different than how we might understand such a term outside these contexts.
In the article, one example demonstrated by the developer is as follows:
[He] then tried a dating query — “single women who live near me.” A group of young women appeared onscreen, with snippets of personal information and a way to friend or message them. “You can then add whatever you want, let’s say those who like a certain type of music,” [he] said. The set of results were even age-appropriate for the person posing the query.
So when Mark Zuckerberg is quoted in the article saying that Graph Search is “taking Facebook back to its roots”, he seems to mean creeping on girls, as was, let us not forget, the main intention of the early Harvard version. Doesn’t this generate exactly the concern that the notorious ‘Girls Around Me’ app encountered? As the title of my favourite tumblr site has it, this isn’t happiness. Or it’s the happiness of the predator, the pervert and the psychopath.
But more fundamentally, this isn’t about privacy, or even online stalking. In fact, in many ways, both are side-issues here. This is about control and access: control over my information and how I access other information, not just on Facebook but in general. To me, the plans outlined for Graph Search look worrying, even outside of my idea of what would constitute happiness, because they have nothing to do with how I use Facebook or how I would want to use it. I don’t use Facebook as my gateway to the Web and I am never going to. As Eli Pariser pointed out in The Filter Bubble a couple of years back, that would both be limiting of my experience of the Web (and increasingly therefore of my communications more broadly) and give one organisation way too much power over both that experience and the future of the Web. But this does seem to be how Facebook wants it to be, and further, I suspect that, just like Bill Gates before him with his .NET initiative and other schemes, and just like the walled garden locked-in hardware that Apple produces, Zuckerberg is more interested in Facebook colonizing the entire online experience, or layering itself so entirely, tightly and intimately over the online world that the difference between that world and Facebook would seem all but invisible to the casual user.
These developments are dramatic enough in themselves. Never mind fluffy stories of heroic techies and their canine sidekicks.
The Mark of the Beast?
I’ve been following a case in San Antonio, Texas, over the last few months in which a couple with literalist biblical Christian beliefs had challenged their daughter’s school over its introduction of RFID-enabled name tags and here are some random thoughts. The latest news is that the pupil, Andrea Hernandez, has lost in the US District Court – it could still be taken higher. The case has attracted plenty of coverage internationally, all largely emphasizing the fact that the student concerned had been threatened with expulsion for her (or her family’s) stance, and the ‘mark of the beast’ rhetoric deployed by the parents and the organisation that enabled them to bring the case, the evangelical Christian civil rights organisation, The Rutherford Institute.
A standard Surveillance Studies analysis might be that this was another case of security at all costs in a risk society, and surveillance as the silver bullet for a non-existant problem or a at least an actual problem that might have been solved by other methods. But actually things are rather more complicated and perhaps more mundane here, and the answers seem to lie, as Francesca Menichelli has suggested in her recent (and as yet unpublished) PhD on the installation of CCTV camera systems in small towns in Italy, in regional political economy and local government competition.
According to the local newspaper, the San Antonio Express-News, when the scheme was introduced, the plan by Northside Independepent School District was essentially not a security or an organisational issue but a matter of gaining access to extra finance. Although the scheme was estimated to cost $525,065 to implement and $136,005 per annum in administration and maintenance, the extra-detailed attendance information resulting from the chip cards could enable them district to access around $1.7 million in state grants.
Essentially, surveillance here is simply something that circulates in competition between entities -whether school districts or cities – for resources. Of course the scheme has not been studied in its actual practice yet so we don’t know what actual difference (or lack of difference) it would make to any pupil in the way that we do for Menichelli’s case-study cities, where CCTV is described as being almost entirely useless because it was never really intended to be used as anything other than a way of winning resources. However it would seem that the ‘surveillance’ is almost entirely secondary or perhaps even irrelevent. However I certainly do not dismiss the possibility that nefarious or even unintentionally damaging things could be done with the location data gathered from the chip cards.
It is also the case that the school district attempted to compromise with the pupil by offering to remove the chip from her ID card, essentially limiting the surveillance that could be conducted of her to conventional visual methods. The rejection of this compromise is the reason the District Court threw out Andrea Hernandez’s case. However if the School District is accepting that there is an opt-out possible on grounds of belief then they are potentially undermining the whole scheme – which relies on the generation of accurate attendance and circulation data. Again, one interpretation could be that they aren’t really interested in the data for itself, which reinforces the argument about the instrumental nature of the surveillance scheme in the state funding context, but the other interpretation could be that the school was banking on her exception being the only one, or one of a tiny number, that would not significantly undermine it. The other question here is: is it really the RFID chip that’s the problem, or the surveillant assemblage of which it is but one tiny part? In rejecting the compromise, Hernandez and the Rutherford Institute seem to be suggesting the latter, and here we are a long way from Christian eschatalogy and the ‘mark of the beast’.
(Thanks to Heather Morgan for initially pointing out to me that it was all about the money!)
War on Terror corrupts US justice
On January 1st this year, US President Obama signed into law the National Defense Authorization Act (NDAA) that, amongst other many other provisions, allows for the US military to indefinitely detain without trial anyone suspected of terrorists acts inside the United States and, the same for anyone captured in battle wherever it is in the world. Even the UK’s provisions, which were widely criticised, were nothing like this, indeed the argument was not about indefinite detention at all, but simply over how many days someone suspected of terrorism should be allowed to be detained without trial: 14 or 28. That’s some way short of indefinite.
Of course, the infinitely compromising and slippery Obama is trying to have his cake and eat by promising that he will not actually allow this power to be used except in strict accordance with the constitution. That may provide some temporary relief for US citizens accused of terrorism, at least and until a more gung-ho President is elected or Obama gives in to demands that he must use it – something military sources are looking forward to, it seems. However the provisions on the treatment of foreign captives effectively provide a legal footing in domestic law for the extrajudicial actions of former President Bush’s establishment of Guantanemo Bay and the associated global network of extraordinary rendition and torture / interogation sites. They undoubtedly contravene the Geneva Conventions (see 75 UNTS 135, for example)and several other aspects of International Law, notably the International Covenant on Civil and Political Rights.
But, this is far from the only current assault on the rights of those who remain innocent in law of any criminal act in the USA. In New York, for example, the New York Police Department in conjunction with the CIA was last year revealed as operating a secret surveillance program against Muslims, titled ‘Ancestries of Interest’. It is unlikely to be the only such program. Like Obama’s indefinite detention provision, this is a perversion of the constitutional rights of US citizens. US police forces from the FBI downwards are not generally permitted to use undercover agents without there being some kind of specific allegation or exisiting evidence of crime. Essentially, this makes a whole community subject to categorical suspicion and permanent infiltration and investigation. It seems that every level of policing and justice in the USA from investigation to trial to sentencing has been indelibly stained by the War on Terror.
But this has all happened several times before of course, and happily not everyone has forgotten their history. Now black Christian pastors who remember the FBI/NSA COINTELPRO operations of the 1960s against black radical and civil rights groups, are reportedly joining with Islamic groups in opposing the NYPD’s racist and islamophobic surveillance program. Along with the challenges being mounted to Obama’s new law by ACLU and others, there are signs that Obama is no longer being given the benefit of the doubt by many of the groups who supported him first time around. How successful any of these moves will be is anyone’s guess but solidarity that moves beyond American Islamic groups having to defend themselves against the howling mob is something of a step forward.
Occupy the Internet!
I’ve been writing for several years now about the creeping attempts by nominally democratic governments to control or even close the Internet (see here for example). This week the biggest such step for some time occurs as the world’s most powerful democracy, the USA, begins a new process of introducing such controls. There are two bills before the House of Representatives (the Stop Online Piracy Bill, SOPA) and the Senate (the Protect IP act), which essentially do the same thing (although the House bill goes further): assert a wide-ranging heavy-handed jurisdiction on the Internet even beyond US borders.
Of course, the US bills do not do this as China does, in the name of political and social order, but in the name of commerce. The bills are supposedly about protecting American intellectual property, however their effect is likely to be severely chilling to free expression and the dissemination of ideas and to innovation, social and economic. The bills, amongst many other provisions, will allow corporation to sue website owners and ISPs for even unknowingly hosting or communicating copyrighted materials illicitly.
As Michael Geist has shown, SOPA in particular also asserts US jurisdiction over vast swathes of the Internet on the grounds that any site whose name is registered with a US registrar is considered a ‘US site’ regardless of the location of its server and given that name-registration of top-level (.com, .org, .net etc) names is entirely controlled from within the USA, the provisions mean that every top-level domain is considered to be ‘US’. Further it claims that IP addresses (the numerical address of site) within the whole North American region (ARIN) which includes Canada, Mexico and the Caribbean, are also ‘domestic’ for the purposes of this law. Basically, the USA is asserting a kind of Munro-doctrine for the Internet.
I wrote, half-jokingly, some time ago that the US state invented the Internet, but they don’t like how it’s being used and now they want it back: this is the demand in writing. The big problem in opposing this is of course the fact that US citizens have already been thoroughly bombarded with propaganda that has told them that they are ‘under threat’ from pirates and hackers and even cyberwar – and that openness makes them insecure. They’ve been told that the Wikileaks model of accountability through openness and transparency is an attack on the USA. In an age of economic insecurity, no doubt the protection of American jobs will also be wheeled out as an excuse.
But this is quite simply another manifestation of immoral corporate greed. Intellectual Property is in itself a kind of information-age enclosure, a concept that, while it may have some use in limited forms, has become so far-reaching that it is ludicrous, and through which financial and legal strength can simply steamroller traditional or alternative visions of fairness, sharing and openness – even though these things have been shown to be vital in real innovation. If this is an infowar, I know which side I am on, and which side you should be on, and it is not the side of Protect IP and SOPA and the negative politics of closure, it is with Anonymous and the Pirate Party, with open flows, open source and open access. We have to tell them that they can’t have the Internet back, it’s ours now. We have to occupy the Internet, to build around these attempts to stifle innovation and sharing and we have to do it now.
In the meantime, you can express your displeasure here: http://americancensorship.org/
See also: The Internet Must Be Defended! Part 1, Part 2, Part 3, Part 4.
ubisurv 