Category: surveillance

Big Brother isn’t listening (at least in Maryland)…

Hot on the heals of my earlier post on the subject, I have just received the news that following the publication of the report in The Baltimore Sun, the Maryland Transit Authority have pulled the proposal to use audio surveillance on their buses.

However, an interesting thing to note in this supplementary report by transport correspondent, Michael Dresser, on the paper’s blog, is that the proposal apparently came about because CCTV cameras these days come with sound-recording built in, and that other transit authorities in Cleveland, Denver and Chicago use it. The MTA administrator responsible for seeking the legal opinion on audio surveillance is quoted as saying “It’s something that’s becoming the standard of the industry.”

So, if I am reading this right here, important policy decisions that have major implications for privacy are being treated simply as technical issues because the technologies that are being purchased have the capabilities. It’s only in this case because the MTA sought a legal opinion that we know at all, let alone that anyone objected. So how many other transit, police or urban authorities or commercial venues in how many places are now regularly using the audio capabilities of cameras without ever having considered that this might be a problem? And what other built-in technical capabilities will simply be used in future simply because they are available? What about the Terahertz Wave scanning that I covered earlier on?

‘X-ray vision’ may not be so far away…

Fascinating and disturbing news from the MIT Technology Review blog that a team of researchers appears to have cracked the problem of how to produce cheap, effective Terahertz Wave (TW) cameras and receivers. TW are found between infrared and microwave radiation, and produce what we called in A Report on the Surveillance Society, a ‘virtual strip search’, as they penetrate under layers of clothing but not much further, and can thus produce images of the body ‘stripped’ of clothing. Thus far, they’ve been used on an experimental basis in some airports and not really any further afield.

This is largely because of the way that TW waves have been detected up until now has basically been a bit of a kludge, a side-effect of another process. This has meant that TW equipment has been generally quite large and non-portable (amongst other things).

However one Michel Dyakonov of the University of Montpellier II in France has followed up theoretical work he did in the 1990s, with a new larger team, to show that tiny (nanoscale) ‘field effect transistors’ can – and they are still not quite sure how exactly – both produce and detect TW. The details are in Technology Review, but the crucial thing for those interested in surveillance is that:

  1. the output is ‘good enough for video’; and
  2. ‘they can be built into arrays using standard silicon CMOS technology’ which means small, cheap (and highly portable) equipment. This could be an add-on to standard video cameras.

I’m getting a genie-out-of-bottles feeling with this, but is it really as damaging to personal privacy as it feels? Does this really ‘reveal’ anything truly important? Or will it become something to which we rapidly become accustomed, and indeed with with which we quickly get bored? In some cultures, specially those that regard covering the body and modesty as being god-given, this is clearly going to present massive challenges to social and moral norms. It seems to me that there is also an immediate conflict with current constitutional and legal rights in several jurisdictions, not least the US Fourth Amendment right not to be subjected to warrantless searches and the European Convention Article Eight on the right to privacy.

But it seems that unless such a technology is banned, or at least particular commercial implementations, we’re about to cross another Rubicon almost before we’ve noticed it has happened. Ironically bans on technology can only really be effective in states where intensive surveillance and state control of behaviour is practiced. In other places, I am not sure banning can be effective even if it were desirable, as in reality, a ban simply means reserving the use of the technology to criminals, large corporations which can afford to flout laws, and the state.

Travel cards: Tokyo vs. London

NB: this post is largely incorrect… at least in the fact that actually the systems are much more similar and becoming even more so. I am not going to change the post (because being wrong is part of research and learning), but will direct you to a more recent post here.

Tokyo and London both have pre-paid smart card systems for travel on public transport. They look superficially similar but also have crucial differences.

JR East's Suica card
JR East's Suica card

In fact, first of all, there are several smart cards from different railway companies in Japan. Each of main privatised regional railway companies has one: the most common in Tokyo are the Suica card operated by JR Higashi (East Japan Railways) and the Pasmo card issued by a collection of smaller private railway companies as well as the TOEI subway, bus and Tokyo Metro systems. JR NIshi (JR West) and JR Toukai (JR Central) also have their own cards, ICOCA and TOICA respectively. They are all now pretty much interchangeable and Suica, which is the oldest system in operation since 2001, in particular can now be used for other kinds of payments in station shops and the ubiquitous Lawson chain of konbini (convenience stores) elsewhere in the city. It also now has a keitai denwa (mobile phone) enabled version in which the card is virtually present as a piece of phone software.

Great! It’s convenient, costs no more than buying tickets separately and if you forgot to bring any cash for your morning paper, you can use Suica for that too.

So, just like London’s Oyster card then?

Well, no.

TfL's Oyster card
TfL's Oyster card

The Oyster card, issued by Transport for London, looks pretty much the same and operates along similar technological lines, but because it also requires the user to register using a verifiable name, address and telephone number, with which the card is then associated, it is effectively also a tracking system, which is gradually producing an enormous database of movement surveillance. And of course this has not gone unnoticed to the UK’s police and security services who have reserved the right to mine this database for reasons of ‘national security’ and detection of crime. If you lose your card or have it stolen, then not only do you lose your £3 deposit, you’d better tell the authorities too or you might end up having some criminal activity associated with your name on the database.

Suica cards, on the other hand, can be bought from any ticket machine, require no deposit and no registration, and it doesn’t matter if you lose them, or leave the country, even for several years.

Tokyo and London’s transport systems have both experienced terrorist attacks so there’s no particular reason why Japan’s authorities shouldn’t have demanded a similar database (if you accept the UK’s reasoning). Tokyo also has a far more extensive, complex and multiply-owned transport infrastructure. Surely this must inevitably lead to an insecure and out-of-control system where disaster is inevitable.

So in which of the two cities does the transport system work far more efficiently? And where is that you are actually less likely to be a victim of crime, and feel safer?

I’ll give you a clue – it isn’t London.

Community Safety in Shinjuku

As well as trying to interview officials at national and city level here, I am also looking at a few different areas of the city, including Shinjuku, where I have done some work before. Shinjuku is a central ward of Tokyo that includes the Tokyo Metropolitan Government (TMG) buildings, part of a growing high-rise district, possibly the busiest railway station in the world, one of the most extensive entertainment districts in the city (not just Kabukicho, the conventional ‘red light’ district, but also a lot of gay clubs and bars), and substantial Korean and Chinese communities.

We had an interesting interview this week with the two officials seconded from the Metropolitan Police Department (keishicho), to run the efforts in Shinjuku (as usual there is a lot more than I can summarise here). We met in the Emergency Control Room, a cramped space full of monitors old and new, walkie-talkies and lots and lots of yellow telephones. We had a brief chat about emergency planning, but as we there to talk security and surveillance, we moved on.

Anzen anshin (or bohan) machizukuri (community safety (or security) development) in Tokyo derives from a TMG ordinance (jourei) of 2003 which encourages all ku (city wards) to implement it. The main reason was that recorded crimes had reached a record high in the city in 2002 (I’ll consider crime figures in Japan and their reliability in another post). There were a patchwork of existing community safety organisations but these appear to have been separate from the chounaikai (local community associations). What the 2003 ordinance did was to make community safety the responsibility of the chounaikai with co-ordination, information and encouragement from the ku administration.

The Shinjuku authorities are very keen on this, much more so than some others, for example, Arakawa-ku where we are living and which I am also examining, which tends to rely on much more conventional policing. This may be a matter of money (Arakawa is nowhere near as wealthy as Shinjuku), but it may also be down to the attitudes of the public and local state officials. This kind of community safety work is time-intensive, and requires a substantial commitment in order to carry out things like citizen patrols (which seem to be one of the core elements).

We also talked about CCTV, which Tokyo started to implement in 2003 as well for the same ostensible reasons. Of course Kabukicho is one of the city-centre pilot areas (along with Ikebukuro, Shibuya, Ropongi and the later addition of Ueno), with over 50 cameras operated by the city police. Given their position it is hardly surprising that they had little time for talk of a ‘surveillance society’ (or indeed even the idea of ‘surveillance’ – the word kanshi provokes quite a strong reaction here – no, no – they are definitely not doing surveillance). They also talked about the co-ordination of shoutenkai (shopkeepers’ association) CCTV systems. It seems that despite their large numbers, these systems are generally not monitored, i.e. there is not control room and no-one is watching. The officials were also certain that the shoutenkai operators themselves were not even allowed to view footage without permission from local police. This is something I will have to investigate more as I have read in the past of shoutenkai representatives claiming the opposite – that they had to give permission for the police to view footage. It seems that both shoutenkai and chounaikai are being encouraged to install CCTV systems, and there are grant systems in place – basically one third comes from the city, one third from the ku, and one third has to be found by the organisation itself from its members.

This means that coverage is very uneven and tends to be restricted to wealthy and / or particularly committed –kai. Shinjuku has many, many shoutenkai systems. Nippori, in Arakawa, in contrast has three cameras – not three systems, but three cameras…

(Thank-you very much to Mr Takahashi and Mr Yabe for their time and patience with my questions).

USA builds massive new space surveillance system

My headline is a slightly more accurate version of the way that news of the new ‘Space Fence’ system has been headlined, for example here in Computerworld. The Space Fence system, whose first stage is a $30 Million US project for Northrop-Grumman, will replace a 1961 VHF radio infrastructure known as the Air Force Space Surveillance System built in 1961.

Although the spin is that the system is all about tracking space debris, this is actually part of the DoD’s satellite tracking operations – which certainly does cover debris, insofar as they are a threat to US satellites, but is also crucially to make sure that an accurate picture of the increasing number of smaller ‘micro-satellites’ from an every-expanding number of countries can be obtained. In that sense, this program is indeed a ‘fence’, a further attempt to enforce the notion that space is effectively US territory.

Data Protection in Japan

Comprehensive data protection in Japan is fairly recent. Until 2003, data protection was still governed under much two earlier ‘ information society initiatives: firstly, the Act for the Protection of Computer Processed Personal Data Held by Administrative Organisation (1988) and secondly, the Protection of Computer Processed Personal Data Act (1990), which are based on the 1980 OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data. These laws were limited an applied only to the state, and within that, only to some national government organisations rather than all of them.

Lawyers and those concerned with privacy within and without government were well aware of these limitations, and in the late 90s, a special Privacy Issues Study Working Group was set upby the Electronic Commerce Promotion Council of Japan (ECom). This committee issued Guidelines Concerning Protection of Personal Data in Electronic Commerce in the Private Sector in March 1998. The Chair of that committee, Professor Masao Horibe, provides an account here.

Subsequently, a Personal Data Protection Legislation Special Committee was established in January 2000 under the Advanced Information and Telecommunications Society Promotion Headquarters (now the IT Strategic Headquarters), a body responsible directly to the Japanese cabinet. This body has issued all the laws and directions regarding IT, e-Japan etc.

The need to “protect personal data” (kojin deta) was mentioned in Article 22 of the Basic Law on the Formation of an Advanced Information and Telecommunications Network Society within the rubric of ‘security’. This was followed up by the e-Japan strategy of January 2001, which under the section on the Facilitation of E-Commerce, recommended that “Necessary legislative measures should be taken to win the confidence of consumers, including submission of a bill to protect personal data to the ordinary session of the Diet in 2001.”

The Bill was introduced in March 2001, but as a result of concerns about its effects on the freedom of the press, was left to fall by 2002. However the Personal Information Protection Bill was passed in 2003, one of five bills with implications for data protections to be passed in that Diet session.The bill came into force in 2005. I’ll discuss the content and operation of the bill later, but there’s a good summary in English from when the Bill was passed here.

The one particularly interesting thing to note here is that it doesn’t designate or establish any one body to oversee the operation of the law or the enforcement of rights, or deal with complaints as in European countries and Canada, for example, Instead it keeps data protection as an internal matter for designated government ministries (and for companies), with legal action an option if all else fails. The law is generally on the side of data flow and commercial / administrative convenience, which is not surprising given its origins in industry-led e-commerce promotion organisations.

UK newspaper phone-tapping scandal

Back in the UK, the Sunday newspaper, The News of the World, known largely for its obsession with minor celebrity scandal has been itself the subject of rather more serious investigations, following revelations that it has paid out over £1 Million (around $1.4 M US) to people whose phones it secretly tapped in its search for dirt. Proprietor, Aussie, Rupert Murdoch, is known to satirical magazine, Private Eye, as the ‘Dirty Digger’, and given this showing, he seems to be earning his nickname.

The Guardian editorial highlights this as another threat to privacy, but there’s much more here. Murdoch is one of the most powerful men in the world and his company, News International, covers far more than just Britain – they recently bought the Wall Street Journal, for example. His more ‘serious’ newspaper, The Times of London (for whom, I should declare, I have written a piece once) was very vocal in the past in attacking the recently-retired Information Commissioner, Richard Thomas, first over his comments on ‘sleepwalking into a surveillance society’ and then later on his attempts to bring newspapers under the same regulatory regime over privacy as other organisations.

At the time, it was hard to know what the agenda was; but clearly it was more than the supposedly ‘honourable’ position of acting to protect journalistic independence and the rights of their sources. Now, I think, we can start to understand a little more about the view The Times advocated – perhaps it was simply trying to deflect public investigation into the illegal, underhand and privacy-invasive surveillance practices of other parts of the News International empire.

We should indeed be worried by this, not just because of the activities themselves, but because of the attempts to manipulate public policy and undermine the authority of one of the few people who was interested in, and capable of, attacking abuses of surveillance by the media by an increasingly powerful global private company.

So, does News International own newspapers in your country? Do you know what they get up to? Someone needs to dig the dirt…

More on CCTV in Japan

The slightly left-leaning Asahi Shimbun newspaper had a pretty balanced if uninspiring editorial this week on the spread of CCTV cameras in Japan. The English translation is available here.

The most important thing in the editorial is the recommendation of national laws for CCTV. This would be better than in the UK for example, where there still isn’t any national regulation of CCTV except for the Data Protection Act. The paper’s suggestions are:

  • transparent operational procedures with ‘rigorous conditions’ for the sharing of images
  • third party oversight for police cameras and a ‘help desk where people can complain about being caught on tape’

This is a start, but only a start, and the second one would probably prove completely unworkable especially if cameras become more widespread. It would be rather better for some kind of permission system to operate, where cameras were seen as an exceptional response to a proven need. The paper is already accepting the normality of CCTV cameras in public spaces regardless of the evidence of their effectiveness- which it acknowledges is equivocal (in fact it’s generally much worse than that in the UK) or indeed the wider social impacts.

Japan to introduce resident-monitored CCTV

One of the most interesting developments in recent years has been the way in which the state has attempted to adapt Japan’s traditional culture of responsibilized local community organisations (chounaikai) for the new surveillance society (kanshi shakai, in Japanese). Cynics may well argue that what is called here bohan machizukuri (or community safety development – or sometimes the similar anzen anshin machizukuri) is simply a way in which the government can attempt to save money whilst pretending to be tough on what is always claimed to be a worsening crime rate. It is also true to say that this is also a further perversion of the machizukuri (bottom-up community development) idea that came out of local environmental movements of the 1960s.

Nevertheless, the Japan Times reported that the Keisatsuchou (National Police Agency or NPA) appears to be pushing forward with plans to extend its rather small number of CCTV cameras* into 15 residential areas starting January 2010 (two of which, Higashiyamato and Musashimurayama, are suburbs of Tokyo, and I’ll be visiting these whilst I am here) at the cost of 597 Million Yen (around £3.85 Million or $6.3 Million US). There’s always an underlying fear that is played on when such systems are installed, and in this case it is a classic: the threat to children. The small camera systems(around 25 cameras in size) will be installed on streets that are commonly used by kids going to and from school.

The fact that the schemes are focused on child safety would certainly be one of the reasons why the use of local volunteer committees to watch the cameras and manage the data from local civic facilities like community centres, has been put forward. It could also be in response to opposition from some local residents to what they see as the imposition of unwanted state invasion of their privacy, although according to the Japan Times, the police say it “will help residents to secure safety by themselves.” Their big problem is that there do not appear to be many volunteers yet!

There are many questions here. One mystery is that in Japan most school runs already have several, often elderly, volunteers who look out for children in person,in a more genuinely machizukuri form of bohan machizukuri so why the more expensive cameras? Another massive question is the one around privacy and data protection. How will volunteers be expected to act as official data controllers, especially in such a sensitive area as surveillance of children in public space? Finally, what will the effect be on trust and community relations to have one set of people in the community monitoring others? How will they be held accountable?

These, and many other questions will be just some of the things occupying my time here for the next two months…

*There are just 363 NPA cameras in Japan, however there are more owned by local municipal authorities, particularly in Tokyo, and thousands more operated by private companies and shoutenkai (shopkeepers’ associations).

MI5 in all kinds of trouble…

The British internal security service, MI5, has found itself in all kinds of trouble this week. First there was the report of the inquiry into the intelligence aspects of the 7/7 bombings in London. Although the report ‘cleared’ MI5 of wrongdoing (which was hardly unexpected!), it is clear that there was a catalogue of intelligence failures resulting from aspects as varied as a lack of funding, poor communication between MI5 and police, and simple mistake in judging the seriousness of the activities of those who came to the notice of MI5, particularly the two eventual bombers, Mohammed Sidique Khan and Shehzad Tanweer.

Then today, there have been serious allegations made in The Independent of the MI5 trying recruitment by blackmail on young British Muslims. Basically the modus operandi was to approach the potential informant and tell them that they were suspected of terrorist activities or terrorist sympathies, but that if they cooperated with MI5 then this would be overlooked. However if they refused then their ‘terrorist connections’ would be made more widely known.

All of this, as if it needed pointing out again, leads to the the clear conclusion that the security services need better and more transparent oversight, as well as clearer direction, and yes, perhaps more money (if they can behave themselves). The point is that properly controlled and justified targeted surveillance of genuine suspects (like Khan and Tanweer) is exactly what a security service should do, whereas mass preemptive surveillance (a la Met Police) or random blackmail is not. In fact the latter would tend to be counterproductive as in general, they will increase distrust in government and in particular, drive more young Muslims towards extremism.