Google does the right thing, but…

Google is, as I type this, closing down its Chinese site as the first stage of its withdrawal of service from mainland China, in response to numerous attacks on the company’s computers from hackers allegedly connected to the Chinese state and ongoing demands to provide a censored service with which they felt they could not comply. The company claims that Chinese users will still be able to use Google, only through the special Hong Kong website, http://www.google.com.hk, which for historical reasons falls outside the Chinese state’s Internet control regime. Whether this will mean that the site will actually be accessible to Chinese Net users is debateable. Some say they cannot access it already. There are also numerous ‘fake Google’ sites that have sprung up to try to make some fast cash out of the situation.

But there’s more to this of course. Google has been widely reported to have opened its doors to the US National Security Agency (NSA) in order, they say, to solve the hacking issue, but the NSA only get involved in matters of US national security – if Google is essentially saying it is effectively beholden to US intelligence policy and interests, I am not sure that this is a whole lot better than bowing to China. You can be sure as well, that once invited in, the NSA will insinuate themselves into the company. Having a proper official backdoor into Google would make things a lot easier for the NSA, especially in populating its shiny new data warehouse in Utah

Support Peter Watts

I’ve been snowed under teaching recently and haven’t been posting much. One thing has really got my goat though and I think it needs wider attention. Those of you who read boingboing will already know, but the SF author, Peter Watts (who wrote the excellent novel of really alien contact, Blindsight) has been convicted of obstructing US border guards and could spend up to two years in prison. This is despite the fact that the border guards lied about the whole incident (they claimed he had tried to choke an officer, when in fact they were assaulting him, a fact admitted in court). He basically got convicted for challenged the guards and getting out of his car to ask what was going on. As Cory Doctorow comments on BoingBoing, this is not about security, this is not about safety, and it is not even about crime as we would recognise it, it is about authority and the massive increase in humourless abuse that has increased so much in recent years, particularly on the US border*. Peter Watts was convicted essentially of not responding fast enough and questioning commands. He’s now posted more on his own blog, including some comments from some of the jury, who couldn’t quite believe the outcome…

Anyone who thinks ‘nothing to hide, nothing to fear’ or truly believes that it couldn’t happen to you, read this a be concerned. Show your support for Peter too. Write to your congressmen if you are in the USA, or Members of Parliament in Canada, write to Ministers and Secretaries of State. Make a fuss. Write to Peter too and tell him you support him.

*And sure, there’s a context, but it seems to me that the post-9/11 situation is used as an excuse by rather too many guards to exercise a petty brutality on anyone who does not conform to their perception of normality. That critical point where liberty comes up against security is just as much about interpersonal encounters like this as it is about grand policy.

UK Parliamentary Committee rejects Government DNA proposals

The House of Commons Home Affairs Select Committee has rejected a key part of the UK government’s new plans for the National DNA Database (NDNAD). The plans came in response to the ruling by the European Court that the NDNAD was being operated contrary to human rights law by keeping the profiles of innocent people indefinitely. The database has been filled largely through the provisions of a very vague and wide-ranging provision that allowed the police to take DNA from anyone arrested for an indictable offence, and to keep it even if they were never even charged (let alone charged and not convicted). The result had been that long-standing prejudices within the police had meant a bias in the databases against young black men, and a rapidly expanding set of profiles of children and the entirely innocent.The NDNAD had also been attacked by the HUman Genetics Commission (the government’s own watchdog) which recommended multiple reforms.

One of the main parts of the government’s response to the European Court ruling was that DNA should be retained for 6 years – the committee has recommended that this be halved to 3 years (we are still talking about the DNA of innocent people here…), and that there should be some proper national system for deciding who gets deleted entirely (at the moment it is at the discretion of Chief Constables of local police forces!). Of course all of these leaves the wider question of fairness and rights undebated. There are only two properly just ways to run a database of this sort. One would be to include only the DNA of those convicted of a crime or suspected in an ongoing investigation. The other would be to include everyone (as the UAE has decided to do). At the moment, the NDNAD is, like most things in Britain, an unaccountable mess of law, customary practice and happenstance that pleases no-one and is also remarkably ineffective for the money and effort put into it. This will only improve slightly even if the select committee’s recommendations are accepted.

Mapping drone strikes

Via Boingboing, an analysis and map of US UAV drone strikes on the tribal regions of Pakistan from 2004. Some good stuff from NewAmerica. What is particularly interested, if not unpredictable, is the way that weaponized UAVs have in the course of just a few years become a ‘normal’ part of the US war machine, with deaths from drone strikes possibly doubling from 2008-9. We can’t be sure of the exact numbers.

German Constitutional Court shoots down new ‘Lawful Access’ Provisions

Germany’s Constitutional Court is one of the few such national institutions that has been brave enough to interpret the right to privacy as actually meaning something that might outweight the state’s desire to know. According to the BBC, in a really strong decision, it has just ruled that a 2008 law, requiring all telecommunications traffic data to be stored for 6 months, violated privacy rights of citizens and should be struck out. Germany had already threatened to veto the European Union’s Telecommunications Directive 2006/24/EC (which came into force last year), a move which prompted the Council of Minister to take the unethical and devious step of redefining the Directive as belonging to the ‘commercial’ field (which requires only majority vote) as opposed to being a matter of ‘security’ (in which there has to be unanimity). We will now see what is the reaction of the German government to their own law being declared unconstitutional, and indeed, what international reverberations this have – the USA will certainly not like this.

(Thanks to ‘Unkraut’ for the pointer)

Closing the Internet

A lot of my current thinking is based around the dynamic of opening / closing. I’ve been considering the way in which elements of state power, and in particular the military and intelligence agencies, regard openness per se as a threat. Now, Wired’s Threat Level blog (just about my favourite reading right now), has an excellent take on the response to what has been termed (in a deliberately mixed-up phrase) the ‘open-source insurgency’. This  is the way in which the ex-head of US intelligence, now working for ‘contractor’*, Booz Allen Hamilton, Michael McConnell. is promoting the re-engineering of the Internet. This is necessary, it is argued, because the current openness of the Net means that terrorists and criminals can flourish. This re-engineering would make attribution, geo-location, intelligence analysis and impact assessment — who did it, from where, why and what was the result — more manageable”. In other words to close the Internet. remove everything that is innovative and democratic about it, and make it easier for agencies like the NSA to monitor it.

Along with a whole raft of measures like extending ‘lawful access’ regimes, introducing corporate-biased copyright and anti-peer-2-peer legislation, censorship and Net filtering, this is an attack on what the Internet has become and to turn it into something simply for consumption – something, in other words, more like television. But there is another layer here too – the US military, I suspect, still has a nostalgic longing for when the Internet was its private domain. It’s a long way from its origins, and now perhaps the military want it back. But it isn’t theirs anymore, it’s ours and we need to fight for it.

* or, more accurately, arm’s length consulting agency of the US state.

Fortress Toronto for G20 summit

There is an interesting article yesterday in the Toronto Star that does a good job of describing what will happen when the G20 arrives in town in June this year.

Of course, it will be accompanied by all the security and surveillance that these days comes as part and parcel of these ‘mega-events‘ (see also: here and here) whether they be sporting, economic or political – with the added hyper-security around world leaders. Rather like the peripatetic monarch’s court that used to be a feature of high mediaeval European societies, the travelling circus of global governance brings with it, its own security norms, creating locked-down ‘islands’ within cities, temporarily removing the rights and liberties of residents, and moving out and on those people seen to be ‘out-of place’ (the homeless, street vendors, protestors and so on). In many cases, ordinary people are suddenly potential troublemakers, and residents are harassed in advance by intelligence services who check profiles, backgrounds, political affiliations and so on. Business within the zone are usually negatively affected – even if the case is made, as it normally is, that there will be some nebulous ‘economic benefit’, which (oh, so conveniently) happens to cover the costs of security. The events are often also ‘test-beds’ for new technologies of surveillance and security – last year at the Pittsburgh G20 summit, we saw the use of sonic weapons on protestors for example.

Why do cities put up with this? Well, it’s all about inter-urban competition. For urban authorities these mega-events reinforce the global status of the city, or allow it to climb the ever-incrasing numbers of rankings of ‘world cities’ of ‘global cities’.  Toronto, like so many other cities in the second or third rank of global cities, is obsessed with appearing to be world class, and the local government will put up with almost any kind of inconvenience to its citizens that is seen to benefit the city’s global status.

I’ll be keeping an eye on developments, but if I was a Toronto resident, and if I could, I’d just leave town for a couple of weeks before and during the event…

SSN to do new Surveillance Society report for ICO

The same team that did the influential Report on the Surveillance Society for the UK Information Commissioner’s Office (ICO) back in 2006 will be doing a follow-up report on the state of surveillance in the UK for the ICO and the national Parliament this year. Many of the things discussed in that report, which I coordinated, have been accelerating and intensifying, most obviously things like airport body-scanning and the use of drone surveillance cameras, but other things have stalled or slowed, for example the implementation of the ID card regime and more widespread use of RFID tags outside of inventory systems. We’ll be assessing the state of play and making some recommendations as a result. The project this time will be led by Professor Charles Raab in Political Science at Edinburgh University, and one of the world’s leading experts on privacy regulation, and will also include Dr Kirstie Ball of the Open University Business School, Professor Clive Norris of the Centre for Criminological Research at Sheffield, Professor Steve Graham from the Global Urban Research Unit (my old place) at Newcastle University – all in the UK – as well as myself and Professor David Lyon here at the Surveillance Studies Centre at Queen’s University, in Ontario. It will be great to be back working with the whole team again, and I hope we can contribute to a more focused debate and some real changes to UK policy and practice. We shall see…

Microsoft takes Cryptome down!

John Young’s Cryptome is perhaps the world’s most informative repository of (now, not so) secret documents and whistleblower’s information. Around since 1996, and with its multiple mirror-sites and determined owner, governments have tried and failed to close it down. However now the evil monopolist and maker of appalling bloatware, Microsoft, has succeeded where states have failed by issuing copyright infringement threats against its ISP, Network Solutions. This apparently worried the company more than any government, and as seems to be the usual craven attitude in these cases, the ISP backed down. According to Wired, they have even put a block on the transfer of the domain name so John Young can’t move ISPs…

The problem was that Cryptome published a short Microsoft document, the Microsoft Online Services Global Criminal Compliance Handbook, about the storage and handling of user data held on online servers,which also offers advice on subpoena tactics, info about state backdoors and more. The odd thing is that this document is old news and openly available elsewhere on the web, including via the link above. Given Microsoft’s well-documented links to US intelligence, could this just be an excuse to take out Cryptome, which has revealed so much about the National Security Agency over the years? Or is this just Microsoft’s usual clumsy, blinkered legal blundering?

Do we need to be concerned about a new iPhone face-recognition app?

The Huffington Post has got itself in a twist about a new iPhone face-recognition app, Recognizr, that it claims will enable someone to take a person’s picture and instantly give them access to all their social networking details. Except that isn’t quite the case. As one (largely ignored) commenter points out, it’s not quite as the HP portrays it. It isn’t an open system – the original story (linked in the HP one) says that you have to opt in to the system, and upload your photo, and other social networking sites you want to be linked, into the developer’s own database. So only those who have decided they want to be part of this system can be recognised and linked. It’s only a rather small step from existing methods of social networking, and perhaps considered as the face recognition equivalent of giving out a business card. There’s the potential there for all kinds of development from this though, I would agree, but this isn’t (yet) a stalker’s or a marketer’s dream.

You can find the Swedish developer, The Astonishing Tribe (err, TAT!), here, and the source story, which is just slightly more circumspect, from Popular Science, here.

(Thanks to David Lyon for the link to the HP story).