understanding the importance and impact of anonymity and authentication in a networked society
navigation menu top border

.:home:.     .:project:.    .:people:.     .:research:.     .:blog:.     .:resources:.     .:media:.

navigation menu bottom border
main display area top border

« May 2007 | Main | July 2007 »

Excuse me, are you a threat to aviation security? Canada’s no-fly list

posted by:Katie Black // 11:59 PM // June 26, 2007 // ID TRAIL MIX


Picture this: you are traveling to an important conference in Ottawa, titled the Revealed “I”. While getting your boarding pass, the airline attendant asks for a piece of government-issued photo ID. You provide it and wait for him to smile and print your boarding card. He doesn’t smile. In fact, he looks concerned, makes a phone call and tells you to step aside. You are prohibited from boarding you flight because, in that moment, you were silently labeled “an immediate threat to civil aviation”. [1]

While this hypothetical will remain an incredulous story for most Canadians, it will realize for some over the course of the next year. [2] If your name, age and gender match that of an individual on Canada’s Specified Persons List, implemented on June 18th, 2007 as part of Transport Canada’s Passenger Protection Program, you might be barred from boarding an aircraft. Regulation [3] responsible for the program requires all airline carriers in Canada to screen passengers over the age of twelve [4] on domestic and international flights against those described on the List. Once a match is made, the airline carrier is obligated to contact the Minister of Transport or his authorized official and have him or her verify the individual’s identity and decide whether or not to permit boarding. If individuals find themselves on the list, they can have their case independently reviewed by applying to Transport Canada’s Office of Reconsideration (OoR). [5] If they remain unsatisfied, they can appeal the OoR decisions to the Federal Court, the Security Intelligence Review Committee, the Commission for Public Complaints against the RCMP or the Canadian Human Rights Commission.

While this program superficially appears to further Canada’s goal of increasing aviation security, many concerns have been raised regarding the impact of the program’s design and implementation on privacy and anonymity in Canada. This ID Trail Mix will briefly survey the main concerns raised by such public interest groups as the BC Civil Liberties Association (BCCLA) and the Council for American Islamic Relations (CAIR-Canada). It will explore: i) the potential inadequacy of the Passenger Protection Program in light of forgery techniques, ii) concerns regarding how the list is compiled, iii) the potential for violations of Canadians’ privacy rights through the sharing of personal information with foreign governments, iv) the possibility for mistaken inclusion on the list and v) the potential that Canada’s no-fly list could lead to the targeting and profiling of racialized groups.

Forged Documents

It remains unclear how the Passenger Protection Program will get around the practical problem of forged documents. With ID cards so easily forged, how does asking for one reduce the threat of on-board terror? Moreover, are terrorists or other threatening individuals likely to fly under their own name? Speaking to this concern in an interview with CBC News, Barry Prentice, Director of the Transport Institute at the University of Manitoba in Winnipeg, commented, “I don’t think it’s going to help one bit. What terrorist is going to travel with their own name and passport? These people are going to steal or create a forged passport and identification if they’re going to do anything, anyway”. [6]

Also pertaining to the program’s efficacy, in 2005, the Privacy Commissioner submitted the following question to Transport Canada: “what studies, if any, has the department carried out to demonstrate that advance passenger information will be useful in identifying high-risk travelers”? Transport Canada provided the following response on their website, “the Passenger Protect program proposes to use a watchlist to prevent specified individuals from boarding flights based on practical global experience and risk assessment rather than specific studies”. According to Allen Kagedan, Chief of Aviation Security Policy for Transport Canada, such lists are increasing air travel safety as, “they do work”. However, when asked by reporters, he could not cite any specific instances of when it worked. “The problem with giving examples” he said, “is that they defeat security and also, ironically, defeat the privacy rights of those individuals”. [7]

How is the list compiled?

Does notification of one’s inclusion on the Specified Persons List also defeat security? It may because the list is not available to the public. [8] People can only find out if they are on the no-fly list once they are prevented from boarding their flight. [9] The wording of the regulation [10] is such that anyone who i) poses a threat to aviation security, ii) could endanger the security of any aircraft or aerodrome, or iii) the safety of the public, passengers or crew members would be placed on the list by the Passenger Protect Advisory Group [11]. This will result in a “dynamic” list, according to Mr. Kagedan, as intelligence agencies must re-assess their “reliable and vetted” security information every 30 days. [12] While it is clear that this would likely include “an individual who has been involved in a terrorist group [or] has been convicted of one or more serious and life-threatening crimes against aviation security”, [13] it is unclear if it would also include such people as Andrew Speaker, the Atlanta lawyer, who was placed on the American no-fly list because he had a rare form of tuberculosis. In the Canadian context, would a communicable disease constitute a threat to aviation security?

Will Canada’s no-fly list be shared with foreign governments?

The extent to which the regulation allows Canada to share information contained on its no-fly list with foreign governments is also unclear. According to the Privacy Impact Assessment (PIA) Executive Summary of the Passenger Protection Program, “law enforcement and intelligence information on Specified Persons received from Canadian, or foreign or multilateral, law enforcement or security intelligence agencies” will be kept and gathered using the Passenger Protection Program. It will be used for the sole purpose of increasing transportation security. [14] Moreover, comments made by Brian Brant, who serves as Director of Security Policy for Transport Canada, during the Air India Inquiry presided over by former Supreme Court Justice Major, indicated that “names of Canadians on the forthcoming federal list could end up in the hands of foreign governments, whether or not Ottawa gives its official consent to sharing the information”. [15] While the list of names will only be initially released to commercial airlines, foreign governments could access the names without the consent of the Canadian government by going to the airlines. The lists could be accessed via the airlines that are based in the foreign country. “Should their national government require that information of them”, Brant testified at the inquiry, “that's up to them to decide what they want to do with that information. We recognize that possibility exists”. [16] As such information sharing, either voluntary or involuntary, between Canada and foreign governments is likely.

It wasn’t me: the possibility for mistaken inclusion on the list

While the new no-fly list may add the kind of excitement to one’s travel plans as experienced by Conservative MP John Williams - who was temporarily grounded because his name appeared on the American no-fly lists - it also means that many innocent people are going to be swept up in the list’s identity net. One need only look at how the American no-fly lists ballooned out of control. At one point, it contained more than 70, 000 names including those of civil libertarians, peace activists and most notably Senator Ted Kennedy. [17]

Although individuals who have been wrongfully identified on the Canadian list retain the right to reconsideration through the OoR process (see above), Canada’s Privacy Commissioner, Jennifer Stoddart, warned that the list could become “a nightmare for ordinary Canadians”. [18]

On the bright side of things, one retains a statistically smaller chance of being on Canada’s no-fly list than on America’s. This is because fewer than 1,000 names are thought to be on Transport Canada’s Specified Persons list at the moment. [19] Advocates for CAIR-Canada, however, argue that this statistical good news will disproportionately apply to non-racialized groups. CAIR-Canada fears that Canada’s no-fly list has the potential to lead to the targeting and profiling of Muslims and Arabs in Canada.

The chill sets in: fears of racial profiling

People within Canadian Muslim and Arab communities already report that they disproportionately experience the effects of social and technological changes aimed at ensuring “national security”. In Faisal Babha’s article, “The Chill Sets In: National Security and the Decline of Equality Rights in Canada”, he writes that in a post-9/11 era “ensuring ‘national security’ has become a euphemism for ethnic and religious profiling, and that the Anti-Terrorism Act (ATA) has become a guise for the systematic targeting and demonization of Muslims and Arabs”. [20] While hard data indicating that Muslims are being systematically profiled by government agencies is challenging to acquire, [21] it is clear that “Muslims and Arabs in Canada have been thrust involuntarily into the spotlight of the national consciousness”. [22] The effects of the no-fly list are likely to intensify that light as “Muslims are already subject to increased scrutiny at airports” [23] and “among Muslims, there’s a great similarity in names and it’s very easy for names to be the same or similar”. [24] While this will practically translate into Muslims and Arabs being disproportionately mistaken for those on the list, it might also have the corollary effect of generally increasing the sense of insecurity and incidents of discrimination experienced by these populations. [25] As Faisal Babha wrote, “profiling is a simplistic response to a complex problem; it involves highlighting a specific characteristic about a person, unrelated to that person’s actual deeds, and extrapolating to reach a presumptive conclusion about the person’s intentions and probable conduct”. [26]

While fears of racial profiling are being voiced in relation to racialzed members of society, Jennifer Stoddart phrased the same concern of the use of one’s identity more generally. As she sees it, the problem is that the list exemplifies “the increasingly intrusive use of your identity in order to make decisions about you as an individual, [decisions] that are pretty drastic… Every time we go to the airport, are we going to expect to be challenged?” [27]

[1] A threat to aviation security is explained in the section 4.72(2)b of the Aeronautics Act, as threat to “any aircraft or aerodrome or other aviation facility, or to the safety of the public, passengers or crew members”.
[2] According to section 4.72(3)(b)(i) of the Aeronautics Act, the Act that provides the Minister of Transportation with the statutory authority to create the new Passenger Protection Program as a “security measure”, the Minister must repeal the security measure before the day that is one year after the notice of the measure was published. Notice of the Identity Screening Regulation was published on April 26th, 2007.
[3] Section 3.2 of the Identity Screening Regulation outlines the screening protocol that airline carriers must follow. They are required to obtain either one piece of valid government-issued photo ID or two pieces of valid government-issued ID prior to boarding. The Identity Screening Regulation was created by the Department of Transport Infrastructure and Communities on April 26th, 2007, is under the statutory authority of the sections 4.71 and 4.9 Aeronautics Act which gives the governor in council the statutory authority to make regulation with respect to aviation security. The Public Safety Act, 2002, which received Royal Assent on May 6, 2004, made these changes to the Aeronautics Act as part of Canada's National Security Policy. The Identity Screening Regulation was registered by the Department of Transport Infrastructure and Communities in order to create the Passenger Protection Program.
[4] An exception to the identification requirement is currently being granted to children between the ages of 12 and 17. They only need to present one piece of government-issued ID until the mid-September.
[5] Transport Canada, Office of Reconsideration, available online: http://www.tc.gc.ca/reconsideration/menu.htm. [6] Barry Prentice, in an interview with CBC News reporters on Monday, June 18th, 2007. [CBC News, (Monday, June 18, 2007) Critics alarmed by Canada's no-fly list, online: http://www.cbc.ca/canada/story/2007/06/18/no-fly-list.html]
[7] Allen Kagedan in an interview with CBC reporters on Monday, June 18th, 2007. [CBC News, (Monday, June 18, 2007) Critics alarmed by Canada's no-fly list, online: http://www.cbc.ca/canada/story/2007/06/18/no-fly-list.html].
[8] During the question period on Monday, June 18th, 2007, Liberal MP Joseph Volpe demanded that the government release the names of those on the no-fly list. Meanwhile, NDP MP Joe Comartin proposed that while the government should not get ride of the list, it should at least set up an ombudsman to handle cases where innocent people find themselves on the list. [CBC News, (Monday, June 18, 2007) Critics alarmed by Canada's no-fly list, online: http://www.cbc.ca/canada/story/2007/06/18/no-fly-list.html]
[9] CBC News, (Monday, June 18, 2007) Critics alarmed by Canada's no-fly list, online: http://www.cbc.ca/canada/story/2007/06/18/no-fly-list.html.
[10] Section 50.(4)(b) of the Canadian Aviation Security Regulation of the Aeronautics Act.
[11] The advisory group, led by Transport Canada, is comprised of a senior officer from the Canadian Security Intelligence Service (CSIS), a senior officer of the Royal Canadian Mounted Police (RCMP) and a Transport Canada representative. Once on the list, membership is reevaluated every 30 days. [Transport Canada, (June 8th, 2007) Passenger Protects: Privacy Impact Assessment (PIA) Executive Summary, available online: < http://www.tc.gc.ca/vigilance/sep/passenger_protect/executive_summary.htm >]
[12] Allen Kagedan told CBC reporters on Monday, June 18th, 2007 from CBC News, (Monday, June 18, 2007) Critics alarmed by Canada's no-fly list, online: http://www.cbc.ca/canada/story/2007/06/18/no-fly-list.html.
[13] Cited by Transport Canada as possible instances where a person would be placed on the list in the article by CBC News, titled Critics alarmed by Canada's no-fly list.[CBC News, (Monday, June 18, 2007) Critics alarmed by Canada's no-fly list, online: http://www.cbc.ca/canada/story/2007/06/18/no-fly-list.html]
[14] Transport Canada, (June 8th, 2007) Privacy Impact Assessment (PIA) Executive Summary, available online: < http://www.tc.gc.ca/vigilance/sep/passenger_protect/executive_summary.htm>.
[15] CBC News, (June 5th, 2007) No-fly list could end up in foreign hands, Air India probe is told, available online: http://www.cbc.ca/cp/national/070605/n0605112A.html.
[16] CBC News, (June 5th, 2007) No-fly list could end up in foreign hands, Air India probe is told, available online: http://www.cbc.ca/cp/national/070605/n0605112A.html.
[17] CBC News, (June 5th, 2007) No-fly list could end up in foreign hands, Air India probe is told, available online: < http://www.cbc.ca/cp/national/070605/n0605112A.html >.
[18] CBC News, (June 13th, 2007) Privacy commissioner ordered to testify at Air India inquiry, available online: http://www.cbc.ca/canada/british-columbia/story/2007/06/13/airindia.html; Barry Prentice, Director of the Transport Institution at the University of Manitoba Winnipeg, told CBC reporters that some travelers are going to be wrongly identified as security risks under the Passenger Protection Program. [CBC News, (Monday, June 18, 2007) Critics alarmed by Canada's no-fly list, online: http://www.cbc.ca/canada/story/2007/06/18/no-fly-list.html]
[19] CBC News, (Monday, June 18, 2007) Critics alarmed by Canada's no-fly list, online: http://www.cbc.ca/canada/story/2007/06/18/no-fly-list.html.
[20] Faisal Babha, (2005) The Chill Sets In: National Security and the Decline of Equality Rights in Canada, 54 U.N.B.L.J. 191 at 192.
[21] A report by the International Civil Liberties Monitoring Group, In the Shadows of the Law: A report by the International Civil Liberties Monitoring Group (ICLMG)in response to Justice Canada’s 1st annual report on the application of the Anti-Terrorism Act (Bill C-36) (14th May, 2003); online: Development and Peace www.devp.org/pdf/shadow.pdf, argues that the ATA’s reporting process is too narrow in scope. Consequently, it does not accurately indicate and reflect the ATA’s effect on Muslims and Arabs, as well as other aboriginal rights and anti-globalization activists.
[22] Faisal Babha, (2005) The Chill Sets In: National Security and the Decline of Equality Rights in Canada, 54 U.N.B.L.J. 191 at 195.
[23] CBC News, (Monday, June 18, 2007) Critics alarmed by Canada's no-fly list, online: http://www.cbc.ca/canada/story/2007/06/18/no-fly-list.html.
[24] Larry Shaben, former Alberta MLA and current president of the Edmonton Council for Muslim Communities, cited in CBC News, (Monday, June 18, 2007) Critics alarmed by Canada's no-fly list, online: http://www.cbc.ca/canada/story/2007/06/18/no-fly-list.html.
[25] Canadian Arab Foundation, Arabs in Canada: Proudly Canadian and Marginalized, (Toronto: Canadian Arab Federation, 2002).
[26] Faisal Babha, (2005) The Chill Sets In: National Security and the Decline of Equality Rights in Canada, 54 U.N.B.L.J. 191 at 197.
[27] Don Butler, (June 8th, 2007) “No-fly list curbs privacy rights: commissioner ‘Quite a nightmare’ ahead for some; Stoddart urges updated privacy act”, The Ottawa Citizen.

| Comments (11) |


posted by:Julia Ladouceur // 09:41 AM // June 20, 2007 // Student I

The Student "I": A student conference on privacy and identity
University of Ottawa, Faculty of Law
October 25, 2007

Graduate and undergraduate students from all disciplines are invited to submit an abstract for The Student “I”, a student conference on October 25, 2007 at the Faculty of Law, University of Ottawa, Canada.

Preceding the Revealed “I” conference hosted by researchers from On the Identity Trail, this day long student conference brings together students from around the world, selected through a peer-review process, to present research relating to identity, privacy, anonymity, technology, surveillance, and other related topics engaged by the On the Identity Trail project.

Abstracts should not exceed 1,000 words (including notes and citations). Successful abstracts will seek to make an original contribution. Inter-disciplinary submissions are encouraged. Abstracts should be accompanied with a short bio, which should include the student’s program and institution of study, and an email address for correspondence. The deadline for abstracts is July 1, 2007. Send to:

Julia Ladouceur
University of Ottawa
Faculty of Law, Common Law Section
57 Louis Pasteur Street
Ottawa, ON K1N 6N5
Email: anonplan@uottawa.ca

Successful applicants will be notified at the email address provided no later than August 1, 2007. Successful applicants who are unable to obtain funding from their home institution may apply for a student bursary to cover expenses relating to travel and accommodation.

| Comments (0) |

Who Needs Your Name?

posted by:Jason Millar. // 11:59 PM // June 19, 2007 // ID TRAIL MIX


Every now and again I Google my own name. If you’ve never Googled your own name, try it. It’s a strange way to spend fifteen minutes—there’s not much to be found, in my case—but every time I do it something different pops up in the search results. Sometimes I check to see if a new piece of information associated with me has trumped the usual results, other times, and for reasons still not clear to myself, I simply want to make sure that my stuff is on the first page of hits.

I know there are other individuals out there who share my first and last names. I met one once. Recently, while undergoing a security check for some work I was doing, it wasn’t until I provided my fingerprints and middle name that I was eventually cleared. I can only surmise the existence of another Jason X Millar (maybe the one I once met) who is less trustworthy than myself according to those who know and care.

One thing I have noticed, I’ve been Googling my name for years, is that there are more and more pieces of information associated with various Jason Millars popping up in the results. Many of those pieces of information are associated with me. But there are other individuals named Jason Millar out there—artists, soccer players and a host of other random individuals with random interests and opinions have posted information about themselves. I can only imagine that anyone interested in compiling all of the stuff exclusively associated with me would have some fancy guesswork to perform in the filtering. This is because it isn’t at all clear which of the information belongs to a single Jason Millar.

The same problem occurs when trying to piece together random information collected about random individuals. When trying to aggregate it under a name, complications arise due to the problems associated with authenticating the data.

This assumes, of course, that someone would be interested in stitching together what are ostensibly disparate chunks of information into an aggregated whole that would describe various aspects of a single individual’s life in a more holistic manner. To be sure, one could imagine data mining projects that involve this type of aggregation, such as the kind that could be used for psychological profiling. But for a great many applications—perhaps profiling for marketing purposes—the kind of complete data mining that would involve stitching together information under the heading of a name, might not be as important as it first seems.

Stitching a person’s information together based on first and last names is complicated. Authentication can be a tricky business where privacy laws are in effect, and the fact that there are so many “Jason Millar”s in the search results makes one wonder how useful names really are to those who know and care to authenticate information as mine.

In fact the more I do these searches the more I’m convinced that, in the information age, traditional identifiers that tend to make us want to associate complete sets of information with a “me”, or “her”, or any “particular individual” in the first place, are becoming obsolete. The type of association that seeks an identifiable individual at the focal point of the relevant information may soon be replaced by newer means of association and identification, which will allow individuals to aggregate information about other individuals through the various proxies indirectly associated with them.

I can only imagine that my name, address, phone number and other personal information traditionally used as a starting point when aggregating information about me will cease to be of primary relevance to the vast majority of individuals interested in accessing me for, say, marketing purposes. In their places, sets of numbers uniquely associated with the things I wear and carry with me on a daily basis will provide a highly reliable, and oddly descriptive, means for identifying {me}.

Here’s why this is plausible…

Consider the fact that in the near future every item that rolls off of an assembly line will have an Electronic Product Code (EPC) associated with it, and often embedded in it. Simply put, an EPC is a unique number, or identifier, for every product; every shoe, can of pop, bag and watch will have one—Wal-Mart says so. EPCs will be readable by any compatible reader operated by anybody who owns it (or them), and they will be very cheap. Now consider the fact that every communication device already has a unique identifier associated with it; every cell phone, Wi-Fi device, laptop, Bluetooth device, PSP and Nintendo DS has some hardware identifier associated with it per the relevant communication protocol—international telecommunication standards say so. Our future includes visions of wirelessly (ad-hoc) networked municipalities in which individuals are perpetually connected by means of their portable communications devices.

Any one of those numbers can function as a proxy in identifying an individual, even though only one number would be relatively unreliable if the task were ensuring that the same individual is carrying it at any given time. But with these two pieces in place it is easy to imagine networks of EPC readers constantly logging the information associated with the products I carry, and computer networks constantly logging the presence of communications that my wireless devices are constantly transmitting by virtue of their perpetual connectedness.

Let’s focus on EPCs for a moment, and imagine that consumer profiling is the application of the day (though it could easily be employee profiling). Every day I get dressed and leave the house carrying various products with me. Every set of numbers that is read at a given time will represent the set of EPCs I am carrying. On any given day that set will be different, owing to various possible combinations that I might possess at the time. However, over time the complete set can be built up by whatever network is logging the EPCs given that EPCs will begin to associate themselves with one another in the database. For example, my shoes will form a common link between many of the shirts and pants I wear, such that my EPCs will allow complex inventories to be built about my possessions. After a given time, by reading a subset of EPCs, a relatively unintelligent system could be extremely confident which complete set of EPCs it was dealing with, meaning that any future subset that is read and associated by relatively few common EPCs could be deemed part of the same larger set. Of course, every reader is associated with a location, such that a smart network of readers would be able to track the movement of the EPCs through space.

If you add the known locations of wireless ad-hoc network routers into the mix, sets of EPCs moving through space can be associated with particular communications devices. This means that information flowing to and from those devices on privately owned networks could be associated with the sets of EPCs. Anonymous blog postings, emails etc. could all potentially be associated with the set of EPCs and wireless devices.

Anyone interested in understanding a set’s purchasing patterns, its certain eating habits, daily movements, etc. need not know anything about credit card transactions, names, phone numbers, addresses or any of the other traditional pieces of personal information deemed sensitive. In fact, the particular individual at the locus of the set of numbers simply disappears, replaced by the things that matter most to marketers: information about an inventory of products and a means of communicating with whoever is associated with them. Access to whatever is at the locus of buying power, or at the locus of influencing buying power, is all that counts in profiling for marketing.

Speculating about the kinds of information that can be gleaned about the sets in this kind of environment could run pages. The point I want to make is that there will be the ability to identify clouds of numbers that self-associate through the indirect association they have with the individuals carrying them. The other point is that aggregating the associated sets does not involve directly identifying the individuals carrying the items.

I am not a lawyer, but I have heard a lot of mention of emanations lately (search the ID Trail blog for “Tessling”). Given the sketch provided here the questions I would raise are these:

a) Are the emanations coming from an individual’s possessions personal information or not, especially where identifying the individual in the traditional sense becomes unnecessary?
b) Does an individual have a reasonable expectation of privacy with respect to these kinds of data?

It seems we should gather opinions before the readers hit the streets. I’ll let the lawyers comment.

| Comments (0) |

Does Google Creep You Out?

posted by:Jeremy Hessing-Lewis // 08:49 AM // June 18, 2007 // General

CNET reports:

Saturday, the British activist group Privacy International released a scathing report that said the company is "hostile to privacy" and ranked it the lowest out of nearly two dozen major Web sites when it comes to privacy issues.

Google Maps Street View was singled out. "Techniques and technologies (are) frequently rolled out without adequate public consultation (e.g. Street level view)." Google also has a "track history of ignoring privacy concerns," the report said. "Every corporate announcement involves some new practice involving surveillance."

| Comments (0) |

it’s different for girls: the importance of recognizing and incorporating equality in discussions of Internet speech

posted by:jennifer barrigar // 11:59 PM // June 12, 2007 // ID TRAIL MIX


Kathy Sierra used to run her own blog, one that had attained No. 11 on the Technorati.com Top 100 list of blogs (as measured by the number of blogs that linked to her site). These days, however, when one logs on to Kathy Sierra’s blog Creating Passionate Users one is presented with a post from April 6, 2007 where she writes:

As for the future of this blog, I know I cannot just return to business as usual -- whatever absurd reasons have led to this much hatred for me (and for what I write here) will continue, so there is no reason to think the same things wouldn't happen again... and probably soon. That includes anything that raises (or maintains) my visibility, so I will not be doing speaking engagements--especially at public events.

Sierra first went public in March 2007 about threats she had received on her own and other sites that included: photos of her with a noose around her neck; photos of her with a muzzle over her mouth apparently smothering her; and violent and sexual messages that included her home address. She cancelled public appearances and has ceased blogging (at least for the time being).

Nor is this issue confined to the so-called blogosphere, as the recent controversy around AutoAdmit shows. (Anonymous) posters on AutoAdmit, which bills itself as “the most prestigious college discussion board in the world”, and an allegedly related web-based contest rating the “Most Appealing Women at Top Law Schools” featured photographs, personally identifiable information, sexually explicit and derogatory comments on a number of womyn. [1] Some of these womyn spoke to Ellen Nakashima of the Washington Post about the situation, alleging that the postings were not only personally but also professionally damaging.

As these incidents have garnered more attention, debates have primarily focused on the question of censorship versus free speech, with such attacks glossed over as an unfortunate side effect of (important) anonymous internet participation but ultimately unrepresentative of the majority of Internet readers/speakers. Where the issue of gender is put in the forefront, discussions have tended towards what Joan Walsh, writing at Salon.com, characterized as “…telling them to stop wearing such provocative outfits online, lest they get that they deserve.” Dahlia Lithwick, at Slate.com, suggests that discussions about the issue have too often been framed in terms of “are women tough enough?” or “are women playing victim.” Such approaches have the unfortunate effect of seeming to focus on gender, without ever truly examining the underlying equality implications of such actions.

Lithwick claims, in her article Fear of Blogging: why women shouldn’t apologize for being afraid of threats on the Web that “…the Internet has blurred the distinction between a new mom’s whimsical blog about the new baby and Malkin or Ann Althouse blogging about politics. The intent of these writers is totally different, but on the Internet, that difference evaporates.” Although Lithwick is arguing that not all womyn bloggers are public figures, in doing so she seems to accept that at least some bloggers are public in such a way that such attention(s) may not be entirely unexpected. In a similar vein, the operators of AutoAdmit commented in the Nakashima article in the Washington Post that “…some of the women who complain of being ridiculed on AutoAdmit invite attention by, for example, posting their photographs on other social networking sites, such as Facebook or MySpace.” In fact, it seems that the mere presence of a womyn in online spaces may be enough to attract unwanted attention -- a University of Maryland study of IRC chatrooms in 2006 found that female usernames received 25 times more threatening and sexually explicit messages than did those with male or ambiguously-gendered usernames – an average of 163 messages a day.

Existing remedies to these problems seem either non-existent or ineffective. A panel discussion [2], convened at Harvard University to discuss the issue of Internet Speech, focused extensively on the AutoAdmit issue. Much of the discussion revolved around what, if any, remedies might be available to the affected womyn and against whom they could be exerted. Various panelists suggested that the students might seek redress via: suits against the ISP and/or the website operators, from the individual posters themselves, from the individual universities under a claim that the posts constituted sexual harassment and the Universities had obligations under Title IX to take action against it, and through the medium of defamation or privacy torts.

The womyn affected have taken various forms of action already. Kathy Sierra reported her harassment to the police as well as going public about it online. Some of the womyn in the AutoAdmit conflict have hired Reputation Defender to try to address the issue. [3] Joan Walsh admits that pervasive misogyny on the Web has impacted her own voice, but still concludes that “[a]nd yet, mostly, women on the Web just have to ignore it. If you show it bothers you, you’ve given them pleasure.” A 2005 Pew Internet & American Life Project report suggests that other womyn have internalized this lesson and are simply avoiding participation – the report, entitled How Women and Men Use the Internet, shows that participation in chat and discussion groups dropped by 11% between 2000 and 2005 due to womyn choosing not to participate.

I am concerned about these remedies, concerned that womyn’s options seem to be to fight an isolated and individual battle, to just “deal with it” or to walk away, silenced. I am concerned that the remedies offered all seem to be focused on individual situations and harm. By focusing on individuals and individual remedies, we may lose sight of the larger issue.

Dahlia Lithwick’s article examined the differences between offline and online communication and argued that there are quantitative differences at work when it comes to these kinds of attacks and threats. She concludes:

No woman should have to choose between writing – either personally or professionally – and being told that her family will be raped. Sadly, that appears to be the current choice. But the important inquiry isn’t whether she should drop out or not. Nor is it whether she should stop whining or keep screaming. Those questions are personal and subjective, and the answers will be as different as the writers who consider them. The better questions are: Are these threats serious? Why do they feel so serious? How often do they result in something serious? And what might we do about it? Gender differences are only the beginning of the important discussions – not the end of them.”

With all respect to Ms. Lithwick, gender differences may only be the beginning of the discussions, but they are a beginning that has neither been fully explored nor fully weighted in these debates. Gendered, sexualized threats are inherently serious, not only because of the violence or danger of it, but because of their impact on equality.

Another Washington Post article from April 2007 suggests that:

As women gain visibility in the blogosphere, they are targets of sexual harassment and threats. Men are harassed too, and lack of civility is an abiding problem on the Web. But women, who make up about half the online community, are singled out in more starkly sexually threatening terms..

The problem with looking at this issue through individual lenses is that while individual redress (of some limited kind and in some limited cases) may be available, in doing so we leave in place the existing norms that created the situation in the first place. When womyn are being singled out more and being subjected to greater and more sexualized violent harassment, we must continue to explore this issue. Not, as so many writers have done of late, to ask “how should womyn respond” but rather to question “where does this come from and what are its overarching effects?” In examining this issue, we become aware that the online environment has become a new, broader environment for these things to emerge, be expressed, proliferate and to some degree become accepted.

I must confess – I have no answers. Many issues come up in this discussion – free speech, fear of censorship, the importance of anonymity, and the problem of whether we can or should regulate the Internet. As we seek to weigh all the issues and arrive at some understanding – ideally some solution – it is imperative that we not forget to add to the mix and weight appropriately our social commitment(s) to equality and the recognition of the communal benefits of equality. Any solution that is arrived at without taking this into account will hinder the transformative potential of these new spaces just as the current gendered, sexualized violence and harassment is now doing.

[1] On 1 March 2007, after several of the womyn had asked to be removed from the site, the individual running the “Most Appealing Women at Top Law Schools” contest turned the site over to AutoAdmit, which in turn shut down the site.
[2] A recording of the panel can be found at http://www.esnips.com/doc/9ed308e7-b94c-45c1-8568-4455eea1ec61/Apr_5_2007_Harvard_panel_on_AutoAdmit.
[3] Judging by their own site at http://www.reputationdefender.com/campaign_home.php, it seems that Reputation Defender has been markedly more successful at publicizing their name and positioning themselves as the defenders of the sexually harassed than in actually having the material removed.

| Comments (1) |

Are Biometrics Race-Neutral?

posted by:Shoshana Magnet // 11:59 PM // June 05, 2007 // ID TRAIL MIX


Biometrics regularly are described as technologies able to provide both "mechanical objectivity" [1] and race-neutrality. The suggestion is that biometrics can automate identity inspection and verification and that these technologies are able to replace the subjective eye of the inspector with the neutral eye of the scanner. In this way, biometric technologies are represented as able to circumvent racism: they are held up as bias-free technologies that will objectively and equally scan everyone's bodily identity. Frances Zelazny, the director of corporate communications for Visionics (a leading US manufacturer of biometrics systems) asserted that the corporation's newly patented iris scanning technology "is neutral to race and color, as it is based on facial features recognized by the software" (2002). In an online discussion on the use of iris scanners at the US-Canada border, one discussant claimed he would prefer "race-neutral" biometric technologies to racist customs border officials:

If I was a member of one of the oft-"profiled" minorities, I'd sign up for sure. Upside--you can walk right past the bonehead looking for the bomb under your shirt just because of your tan and beard. . . . In short, I'd rather leave it up to a device that can distinguish my iris from a terrorist's, than some bigoted lout who can't distinguish my skin, clothing or accent from same (Airport Starts Using Iris Screener, 2005).

Biometrics are central to the attempt to make suspect bodies newly visible. This is a complicated task, and one that is regularly tied to problematic assumptions around race, class and gender identity. It is not surprising therefore, that when biometric technologies are enlisted in this task they fail easily and often. What is most interesting about biometric malfunctions are the specific ways that they fail to work. Thus, as biometrics are deployed to make othered bodies visible, they regularly break down at the location of the intersection of the body's class, race, gender and dis/abled identity. In this way, biometrics fail precisely at the task that they have been set.

As biometric technologies are developed in a climate of increased anxiety concerning suspect bodies - stereotypes around "inscrutable" racialized bodies are technologized. For example, biometrics technologies significantly are unable to distinguish the individual bodies of people of colour. Research on the use of biometric fingerprint scanners has regularly found that it is difficult to fingerprint "Asian women . . . .[as they] had skin so fine it couldn't reliably be used to record or verify a fingerprint" (Sturgeon, 2004). Arguably, stereotypes concerning the inscrutability of orientalized bodies thus are codified in the biometric iris scanner.

These biometric failures result in part from the technological reliance on outdated and erroneous assumptions that race is biological. These assumptions partially can be noted from the titles of the studies that describe the biometric identification technologies. For example, one paper is titled "Facial Pose Estimation Based on the Mongolian Race's Feature Characteristic" (Li et al., 2004). Others titles include "Towards Race-Related Face Identification" (Yin et al, 2004) and "A Real Time Race Classification System" (Ou et al, 2005).

race classification.gif
This image is taken from A Real Time Race Classification System. Its caption in the original article reads: Two detected faces and the associated race estimates.

The suggestion that race is a stable biological entity that reliably yields common measurable characteristics is deeply problematic. Such conclusions are repeated in a number of articles that claim to classify "faces on the basis of high-level attributes, such as sex, 'race' and expression " (Lyons et al, 2000). Although the quotes around the word "race" would suggest that the authors acknowledge that race is not biological, they still proceed to train their computers to identify both gender and race as if it were so. This task is accomplished by scanning a facial image and then identifying the gender and race identity of the image, until the computer is claimed to be programmed to classify the faces itself. Unsurprisingly, error rates remain high. Neither gender nor race are stable categories that consistently may be identified by the human eye, let alone by computer imaging processes.

The assumptions concerning the dependence of biometric performance on racial and ethnic identity can also be noted in the locational differences in hypotheses around race and biometrics that are specific to each site of the study. In the US, biometric technologies have failed to distinguish "Asian" bodies. In the UK, biometric technologies have difficulty distinguishing "Black" bodies. In Japan, one study posited that it would be most difficult for biometrics to identify "non-Japanese" faces (Tanaka et al, 2004).

Nor do the failures of biometrics end with the errors that result from the codification of a biological understanding of race. Biometric technologies consistently are unable to identify those who deviate from the norm of young, able-bodied persons. In general, studies have shown that "one size fits all" biometric technologies do not work. For example, biometric facial recognition technology works poorly with elderly persons and failed more than half the time in identifying those who were disabled (Black Eye for ID Cards, 2005; Woolf et al, 2005). Other studies on biometric iris scanners have shown that the technologies are particularly bad at identifying those with visual impairments and those who are wheelchair users (Gomm, 2005).

Class is also a factor that affects the functioning of biometric technologies. Those persons with occupations within the categories "clerical, manual, [and] maintenance" are found to be difficult to biometrically fingerprint (UK Biometrics Working Group, 2001). Biometric iris scanners failed to work with very tall persons (Gomm, 2005) and biometric fingerprint scanners couldn't identify 20% of those who have non-normative fingers: "One out of five people failed the fingerprint test because the scanner was 'too small to scan a sufficient area of fingerprint from participants with large fingers'" (Black Eye for ID Cards, 2005). Many kinds of bodily breakdown give rise to biometric failure. "Worn down or sticky fingertips for fingerprints, medicine intake in iris identification (atropine), hoarseness in voice recognition, or a broken arm for signature" all gave rise to temporary biometric failures while "[w]ell-known permanent failures are, for example, cataracts, which makes retina identification impossible or [as we saw] rare skin diseases, which permanently destroy a fingerprint" (Bioidentification, 2007).

In addition to having technologized problematic notions around the comprehensibility of difference, biometrics are discursively deployed in ways that continued to target the specific demographics of suspect bodies. For example, biometric facial recognition technology requires Muslim women to completely remove their veils in order to receive new forms of id cards while older forms of identification such as the photos on driver's licenses only required their partial removal. In this way, biometric technologies are literally deployed to further the invasion by the state of the bodily privacy of Muslim women – an application that surely is not "race-neutral."

The examples cited above demonstrate that the objectivity and race-neutrality of biometrics needs to be called into question.

[1] I take this phrase from Daston and Galison (1992).


(2005). "Airport Starts Using Iris Screener." Available at http://www.vivelecanada.ca/article.php/20050715193518919. April 27, 2007.

(2005). "Black Eye for ID Cards." Available at http://www.blink.org.uk/pdescription.asp?key=7477&grp=21&cat=99. April 27, 2007.

Bioidentification. (2007). "Biometrics: Frequently asked questions." Available at http://www.bromba.com/faq/biofaqe.htm. April 27, 2007.

Daston, L. and P. Gallison. 1992. "The image of objectivity." Representation 40, Fall.

Gomm, K. 2005. "U.K. agency: Iris recognition needs work". News.com, October 20.

Li, H., M. Zhou, et al. 2004. "Facial Pose Estimation Based on the Mongolian Race’s Feature Characteristic from a Monocular Image ". In S. Z. Li, Z. Sun, T. Tanet al (eds.) Advances in Biometric Person Authentication.

Lyons, M. J., J. Budynek, et al. 2000. Classifying Facial Attributes using a 2-D Gabor Wavelet Representation and Discriminant Analysis. Fourth IEEE International Conference on Automatic Face and Gesture Recognition, 2000. Proceedings, Grenoble, France.

Ou, Y., X. Wu, et al. 2005. A Real Time Race Classification System. Proceedings of the 2005 IEEE: International Conference on Information Acquisition, Hong Kong and Macau, China,.

Roy, S. "Biometrics: Security boon or busting privacy?" PC World.

Sturgeon, W. (2004). "Law & Policy Cheat Sheet: Biometrics." Available at http://management.silicon.com/government/0,39024677,39120120,00.htm. April 27, 2007.

Tanaka, K., K. Machida, et al. 2004. Comparison of racial effect in face identification systems based on Eigenface and GaborJet. SICE 2004 Annual Conference.

UK Biometrics Working Group. (2001). "Biometrics for Identification and Authentication - Advice on Product Selection." Available at http://www.idsysgroup.com/ftp/Biometrics%20Advice.pdf. April 27, 2007.

Woolf, M., F. Elliott, et al. 2005. "ID Card Scanning System Riddled with Errors ". The Independent, October 16.

Yin, L., J. Jia, et al. 2004. Towards Race-related Face Identification: Research on skin color transfer. Sixth IEEE International Conference on Automatic Face and Gesture Recognition.

| Comments (0) |

Taking it to the Streets

posted by:Jeremy Hessing-Lewis // 09:55 AM // June 01, 2007 // General

It seems rather futile to report on the latest developments out of Google. In Internet time, the launch of Google Maps Street View has already been relegated to the archives of Boing Boing and the like. So it is that I can do little but sit back in awe of the technology like the day I first received a Sega Genesis. As a law & technology student, my enlightened, techno-savvy critique has been essentially limited to: "Look Ma, I can see our house!"

But what say the privacy advocates? Not surprisingly, they've promptly cried FOUL. Still, Google's predictable response falls back on tried and true techno-rhetoric:

Street View only features imagery taken on public property,” the company said. “This imagery is no different from what any person can readily capture or see walking down the street.(NY Times Link)

Yes, its true, assuming we were God, Street View, presents little improvement over what is already possible. Just your average ability to look at any location within the city without leaving your desk. This development merely confirms what has become increasingly clear "In Google we Trust."

I for one, am done playing the skeptic. Yes, there are privacy concerns at every twist and turn, but... "Look, there's my favorite Burrito Joint."

| Comments (1) |

main display area bottom border

.:privacy:. | .:contact:.

This is a SSHRC funded project:
Social Sciences and Humanities Research Council of Canada