understanding the importance and impact of anonymity and authentication in a networked society
navigation menu top border

.:home:.     .:project:.    .:people:.     .:research:.     .:blog:.     .:resources:.     .:media:.

navigation menu bottom border
main display area top border

When Personal Space is Nothing but Trouble

posted by:Jeremy Hessing-Lewis // 11:52 AM // July 17, 2006 // General | Surveillance and social sorting

Microsoft has withdrawn a free program that would have allowed users to create password protected folders. Private Window 1.0 would have allowed users to create privivate areas within user accounts that could protect sensitive data.

Unfortunately, the tool was set to cause chaos for IT departments accross the land. Companies don't like not being able to access parts of their own network. Moreover, the tool would have taken password recovery help to epic levels. The uproar caused Microsoft to retract the software within two days.

Although its too bad that the tool will no longer be available to individuals, it serves as an excellent example of Microsoft trying to balance corporate enterprise economics with personal data security.

Read more on CNET here.

| Comments (0) |

The Original Privacy Position

posted by:David Matheson // 11:50 PM // July 12, 2006 // Core Concepts: language and labels | Digital Democracy: law, policy and politics | Surveillance and social sorting

Thomas Nagel has pointed out that there is an analogy to be drawn between (what I’ll call) the problem of liberalism and the problem of privacy. The problem of liberalism concerns “how to join together individuals with conflicting interests and a plurality of values, under a common system of law that serves their collective interests equitably without destroying their autonomy.” (Nagel 1998, 4-5) The problem of privacy is that of “defining conventions of reticence and privacy that allow people to interact peacefully in public without exposing themselves in ways that would be emotionally traumatic or would inhibit the free operation of personal feeling, fantasy, imagination, and thought.” (Nagel 1998, 5)

One well-known attempt to deal with the problem of liberalism comes from John Rawls (1971). He asked us to imagine individuals in what he called the Original Position. Inhabitants of the Original Position are behind a “veil of ignorance” that cuts them off from any significant knowledge of their position in society: they don’t know whether they are rich or poor, powerful or disadvantaged, members of a social majority or minority, etc. Under such conditions of ignorance, they are faced with the task of determining the basic structures and rules whereby society is to be ordered. Whatever structures and rules they would agree upon, Rawls claimed, are the basic principles of justice (as fairness).

So what would the inhabitants of the Original Position agree upon? Rawls pointed to two fundamental principles. First, the liberty principle:

Liberty. Each individual is to have a maximal amount of basic liberty (including such things as the freedom to vote, the freedom to be considered for public office, freedom of speech, freedom of conscience, freedom of assembly, and freedom from arbitrary arrest and seizure) consistent with a similar liberty for everyone else.

Second, the difference principle:

Difference. Socio-economic inequalities are to be such that they bring the greatest benefit to least advantaged members of society.

By thus using the decision procedure that consists of thinking about what inhabitants of the Original Position would agree upon, Rawls suggested, we can get clear about the basic principles of justice. These principles provide the general framework for understanding “how to join together individuals with conflicting interests and a plurality of values, under a common system of law that serves their collective interests equitably without destroying their autonomy.” Hence the use of the Original Position gives us one way of dealing with the problem of liberalism.

I wonder if there isn’t an analogous solution to the analogous problem, i.e. to the problem of privacy. Perhaps we can make use of a privacy version of the Original Position; call it the “Original Privacy Position.” Thus, as before, imagine a group of individuals behind a metaphorical veil of ignorance. Now, however, the veil only precludes them from knowing anything significant about their privacy position in society. Inhabitants of the Original Privacy Position, in other words, don’t know such things as whether their privacy is generally at serious risk, whether they attach a great deal of value to their privacy, whether they are in a position to make a lot of money through the diminishment of others’ privacy (or whether others are in such a position with respect to them), etc. And behind this veil of privacy ignorance they are given the task of deciding upon the basic norms of “reticence and privacy,” to use Nagel’s phrase, or norms of the “contextual integrity” of personal information, to use Helen Nissenbaum (1998, 2002)’ s equally apt one. The idea would be that whatever basic norms inhabitants of the Original Privacy Position would agree upon, those are the basic privacy norms that any just society should respect.

Maybe they would agree upon norms quite analogous to Rawls’s two general principles of justice. First, there would be the privacy norm:

Privacy. Each member of society is to have a maximal amount of basic privacy consistent with a similar privacy for everyone else.

Then there would be something like the difference of privacy means norm:

Difference of privacy means. Inequalities with respect to individuals’ means of controlling their privacy (e.g. inequalities concerning access to technologies designed to protect their privacy, or to diminish that of others) are to be such that they bring the greatest benefit to the least privacy privileged members of society (i.e. to those members of society who are the least advantaged with respect to controlling their privacy).

Although I haven’t yet chatted with him about this, it seems to me that this Rawlsian approach to the problem of privacy might serve as a basis for justifying Steve Mann’s program of equiveillance. After all, a good case can be made that many of the surveillance structures in our actual society violate one of both of the just mentioned privacy norms. (Compare Lucas Introna (2000)’s claim that workplace surveillance practices sit ill at ease with the Rawlsian approach to justice as fairness.)

Consider, for example, the surveillance structures built into digital rights management technologies. Those structures certainly yield inequalities when it comes to individuals’ means of controlling their privacy. And they arguably bring no (let alone the greatest) benefit to the least privacy privileged members of society. Steve’s insistence that we aim for equiveillance through sousveillance could perhaps be cast as the point that sousveillance is needed to bring us back to an appropriate respect for such privacy norms as Privacy and Difference of privacy means.


Introna, Lucas. (2000). “Workplace Surveillance, Privacy, and Distributive Justice.” Computers and Society 33: 33-9

Nagel, Thomas. (1998). “Concealment and Exposure.” Philosophy & Public Affairs 27: 3-30

Nissenbaum, Helen. (2004). “Privacy as Contextual Integrity.” Washington Law Review 79: 119-58

Nissenbaum, Helen. (1998). “Protecting Privacy in an Information Age: The Problem of Privacy in Public.” Law and Philosophy 17: 559-96

Rawls, John. (1971). A Theory of Justice. Cambridge, MA: Harvard University Press.

| Comments (2) |

Surveillance Goes Mainstream

posted by:Jeremy Hessing-Lewis // 02:02 PM // June 14, 2006 // Commentary &/or random thoughts | General | Surveillance and social sorting | Walking On the Identity Trail

While researching how the major telcos are bundling their products, I was somewhat surprised to see that Telus has now added retail sales of consumer surveillance products to its online store. There are at least three immediate observations to be made about this development.

1. Web-based video surveillance is now mainstream. While similar products have been available for years, Linksys (a division of Cisco Systems) is a major market player with a variety of high-volume retail distributors. Telus is also prominently marketing these products through the main products page of their online store.
2. Web-based video surveillance is easy to use. Unlike the James Bond surveillance of years past, the Linksys models are ready to run out of the box. According to the product description, the Wireless G Video Camera contains its own web-server and does not require a computer. Just provide power and a nearby wireless network connection and the camera will stream live video (with sound) straight to any web-browser. For mobile monitoring, the camera can notify a cell-phone, pager, or e-mail address whenever the motion sensor is triggered. When operating in "Security Mode," the camera can be configured to send short video clips to up to 3 e-mail addresses.

3. Web-based video surveillance is cheap. Telus offers two models. The cheaper version retails for $99.95 and contains all the basic functionality. For $274.95, the deluxe version includes a motion sensor and microphone.

Such products will likely have significant privacy implications. Their ease-of-use and low-cost will allow a much broader market of users than have previous versions. It is foreseeable that many of these users will devise illicit uses beyond the "home monitoring" described by Telus. As these products continue to shrink in size and wireless capabilities improve, the threat is only likely to increase.

We are left with the recurring question: Does the democratization of surveillance equipment present a threat?

One might argue, as has Steve Mann with the concept of sousveillance, that providing such tools to citizens counterbalances the powers of otherwise one-sided surveillance. I consider this to be somewhat of a "right to bear arms" argument and am forced to wonder whether such a state is at all desirable. Are many weapons preferable to a single weapon?

In contrast, one might also see Telus' foray into video surveillance as part of the surveillance "arms race" that will inevitably be a race to the bottom (the always enjoyable skeptic's position).

Alas, I fear this moral debate will only be resolved by the great oracle of our time... the market.

| Comments (1) |

A Dignity Worry about Automated Identity Management

posted by:David Matheson // 12:05 PM // May 28, 2006 // Core Concepts: language and labels | Digital Identity Management | Surveillance and social sorting

Consider an extreme proponent of the ancient Greek practical philosophy known as Cynicism. I’ll call him Diogenes, without implying anything about how closely he resembles the historical Cynic of the same name (who, you might recall, once suggested to a fawning Alexander the Great that the greatest honor the king could bestow on him was that of moving a little to the side so that he could continue to soak up the sun’s rays). Our fictitious Diogenes takes the Cynical doctrine of following the lead of nature, and of flouting any inhibitive social conventions, to a shocking level. In a way that might remind a dog-owner of her lovable companion (“Cynic,” after all, comes from kunikos in Greek, meaning “like a dog,” cf. Piering 2006), Diogenes makes no attempt to hide whatever inclinations and desires he happens to find coming his way naturally, and is quite happy to satisfy them whenever and wherever he can. Bodily functions that we would normally consider to be deeply private he carries out in full view of whoever happens to be in his presence. He says whatever comes to mind, regardless of who it might happen to offend or of how it might make him appear to others. Simply put, Diogenes lets it all hang out, always. And he’s convinced that doing so is the true road to happiness.

We might say that Diogenes believes that shame-avoidance -- at least as we commonly think of shame -- stands in the way of human happiness. Or we might say that he presents a formidable challenge to our convictions about the negative value of shame. But it seems to me that, whatever we say on those matters, Diogenes can at least properly be said to be living a shameful life. Even if he couldn’t care less about avoiding shame, and regardless of whether he thinks it’s something to be quite pleased about, Diogenes is in the business of performing one shameful act after another.

It’s interesting to note that this intuitive (to me, at any rate) verdict about Diogenes’s behavior -- it’s shameful -- sits ill at ease with philosophical accounts of shame that render it essentially a matter of sensitivity to the disapproval of others. Consider, for example, the view that an individual’s behavior is an occasion for shame just in case she feels bad about engaging in it when she considers that others disapprove. In this view, Diogenes is not living a life of shame. He knows that others disapprove of his startling behavior, but he doesn’t feel bad in the light of this knowledge, for he thinks that sensitivity to the disapproval is inimical to the prime directive of happiness.

Recently, New York University philosopher J. David Velleman (2001) has presented an alternative account of shame that is more accommodating to the intuitive verdict about Diogenes. According to this account, shame is at its core about failures of selective self-presentation: to say that an individual’s behavior is an occasion for shame, in other words, is to say that she has failed to take adequate care -- failed to manifest appropriate concern -- when it comes to selectively revealing (or, on the flip side, concealing) different aspects of herself in different contexts. Despite the fancy name, the concern for selective self-presentation is a pretty familiar feature of our lives. Indeed, according to some, it’s “among the most important attributes of our humanity.” (Nagel 1998: 4) It’s manifested in everything from such mundane activities as the wearing of clothes in public, retiring to designated rooms for intimate engagements, and taking care not to say everything we think to be true of individuals in their presence, to more elaborate attempts to respect what another NYU philosopher, Helen Nissenbaum (1998) has called “norms of contextual integrity” of personal information, whether in online environments or elsewhere.

If we accept this alternative account of shame, with its focus on failures of selective self-presentation, I think we’re in a good position to explain why Diogenes is living a life of shame. Diogenes can’t be said to be taking adequate care when it comes to selectively revealing different aspects of himself in different contexts, because he really takes no care at all. His starling behavior, given that lack of care, amounts to a radical failure of selective self-presentation, and is thus an occasion for shame.

Of course, occasions for shame need not be as radical as what’s involved in Diogenes’s case. He manifests a general, pervasive, and ongoing lack of concern for selective self-presentation. In more realistic cases, failures of selective self-presentation are considerably more acute, stemming from particular bits of behavior that manifest a temporary lack of care for selective self-presentation against the background of a more general care for it. To illustrate, consider the individual who make an ill-considered, out of character remark that exposes his feelings about another individual to a much larger audience than he intends. His remark can be said to be an occasion for shame because, despite the fact that he generally makes an active effort to reveal such attitudes only to a limited circle of close friends -- thus manifesting a general, ongoing concern for selective self-presentation -- this particular remark has undermined the general effort and thus manifests a temporary carelessness about self-presentation, one that amounts to a relatively small-scale instance of shame.

Notice that the avoidance of shame seems to be centrally tied to human dignity: an individual’s behavior can hardly be dignified if it is an occasion for shame, and dignified behavior seems to preclude shameful behavior. If we accept it, then, the failure of selective self-presentation account of shame would seem to translate into an important insight about human dignity, viz. that manifesting an adequate concern for selective self-presentation, through the active avoidance of failures of selective self-presentation, is a central condition on our dignity.

It seems to me that this insight about human dignity may well ground a worry about certain kinds of identity management technologies that are becoming increasingly prevalent on the contemporary scene. What I have in mind are those technologies that tend to automate the management of users’ identities to a very high degree, by significantly diminishing the users’ active participation in processes of their own identification. Consider, for example, implanted RFID microchips. One of the primary benefits of these technologies is identification convenience: if you’ve got the chip in your arm, the process of being identified in various ways is easier for you than processes involving old-fashioned counterparts. You don’t have to bother with finding the right card, producing the right documentation, providing the right answers to relevant questions, and so on. You just walk on through, and let the chip do your identifying for you. Brin (2004) makes the point in connection with biometric identification systems: “When your car recognizes your face, and all the stores can verify your fingerprints, what need will you have for keys or a credit card?”

Perhaps, however, the convenience of these technologies comes at too high a price on the dignity scale -- at least for those of us who, unlike our fictitious Diogenes, care about human dignity in the relevant sense. For it seems to me that there’s a case to be made that the more we subscribe to automated identity management technologies, the less likely we are to maintain a robust concern for selective self-presentation, because we are more likely to leave the presentation of aspects of ourselves up to the technologies and the systems of which they are a part. And if the insight about human dignity mentioned above is on the right track, this carries as a consequence an increased likelihood of diminishing our dignity as humans.

Diogenes in effect gives up on selective self-presentation by leaving his self-presentation to the hand of nature. Perhaps we should be careful about giving up on our selective self-presentation by leaving our self-presentation to the hand of technology. Our dignity may well be what hangs in the balance.


Brin, David. (2004). “Three Cheers for the Surveillance Society!” Salon, http://dir.salon.com/story/tech/feature/2004/08/04/mortal_gods/index_np.html. Retrieved 26 May 2006

Nagel, Thomas. (1998). “Concealment and Exposure.” Philosophy & Public Affairs 27: 3-30

Nissenbaum, Helen. (1998). “Protecting Privacy in an Information Age: The Problem of Privacy in Public.” Law & Philosophy 17: 559-96

Piering, Julie. (2006). “Cynics.” The Internet Encyclopedia of Philosophy, http://www.iep.utm.edu/c/cynics.htm. Retrieved 25 May 2006

Velleman, J. David. (2001). “The Genesis of Shame.” Philosophy & Public Affairs 30: 27-52

| Comments (0) |

Watch what you type, or THEY will

posted by:Jeremy Hessing-Lewis // 10:22 AM // May 17, 2006 // Surveillance and social sorting | TechLife

Next time you type your password or send a lover an adjective-dense email, you may want to consider the intermediaries. If you're lucky enough to have a boss who doesn't care about your keystrokes, that doesn't mean even more surrepticious intermediaries don't have similar intentions. A new study suggests that spyware keystroke logging is on the rise. Just because you can't see your password, **********, doesn't mean nobody else can.

CNET: Study: Keystroke spying on the rise
CNET: Spying at work on the rise, survey says

| Comments (0) |

Anti-Spyware Coalition: Public Workshop Part II

posted by:Jeremy Hessing-Lewis // 02:24 PM // May 16, 2006 // Commentary &/or random thoughts | Digital Activism and Advocacy | Surveillance and social sorting

Everyone should be happy to know that Microsoft and the Department of Homeland Security are looking-out for your personal privacy. They represent the so-called "international public-private cooperation" that is hard at work keeping your computer free from all kinds of scary threats.

Joe Jarzombek, the Director for Software Assurance in the Policy and Strategic Initiatives Branch of the National Cyber Security Division (phew), spoke of the DHS' efforts (see National Cybersecurity Division) to contain risks presented by a non-standard, outsourced supply chain. That's right, the threat isn't local, its from one of the "stans" or "anias." They've established a common directory of malware in order to standardize spyware definitions. They are also kindly offering a software assurance program so that the DHS can have a look at your code and make sure its alright.

Spyware is a serious threat to your privacy, but Microsoft and Homeland Security are doing their best to ensure that your personal information doesn't get into the wrong hands. Trust them.

While the FCC is pushing for their The Safe Web Act, it seems that the DHS is sitting pretty. Big business is openly sharing information with them and, in turn, they are sheltering big business from the public's prying eyes through "critical information protections". The key phrase that was left unspoken by all parties was "mandatory backdoors".

(By Ambrese and Jeremy HL)

| Comments (2) |

Anti-Spyware Coalition Public Workshop

posted by:Jeremy Hessing-Lewis // 10:41 AM // // Commentary &/or random thoughts | Digital Activism and Advocacy | Digital Democracy: law, policy and politics | Surveillance and social sorting | Walking On the Identity Trail

Jeremy HL and Ambrese reporting from the Anti-Spyware Coalition Public Workshop: Developing International Solutions for Global Spyware Problems. The Workshop has brought together an interesting mix of consumer advocates, anti-spyware vendors, regulatory agencies, and public interest groups.

Ari Schwartz, of the Center for Democracy and Technology, presented a survey of some of the harms of spyware including:
1. Identity Theft
2. Corporate Espionage
3. Domestic Violence
4. Extortion
5. Unfair and Deceptive Trade Practices
6. General Privacy Invasions

Although the connection may not be immediately obvious, the relationship between domestic violence and spyware is particularly interesting. Both Anne Mau, of lokk.dk, as well as Cindy Southworth, of the National Network to End Domestic Violence, spoke of how women in abusive relationships can be put under surveillance by their own computers. The monitoring becomes an additional method of asserting complete control. One example marketed as "lovespy" was deployed as a harmless greeting card that would then install key tracking software. This is especially dangerous when women are trying to find social support information or are organizing themselves to leave the relationship.

Ambrese investigated the support services related to spyware and domestic violence only to find that they remain totally inadequate. One support worker offered the helpful advice: "Don't use the Internet." CIPPIC will be hosting Cindy Southwark this week as she trains social service workers to deal with these issues.

Stay Tuned.

| Comments (0) |

Wearable Sensors to Improve Soldier Post-Action Reports

posted by:Alex Cameron // 03:28 PM // May 15, 2006 // Surveillance and social sorting

Wearable Sensors to Improve Soldier Post-Action Reports

Future combat gear may feature wearable sensors, including cameras and audio pick-ups, to enhance the soldier's "situational awareness" and after-action reports as a result of the ASSIST project. ... A soldier’s after-action mission report can sometimes leave out vital observations and experiences that could be valuable in planning future operations. The Defense Advanced Research Projects Agency (DARPA) is exploring the use of soldier-worn sensors and recorders to augment a soldier’s recall and reporting capability. The National Institute of Standards and Technology (NIST) is acting as an independent evaluator for the “Advanced Soldier Sensor Information System and Technology” (ASSIST) project. NIST researchers are designing tests to measure the technical capability of such information gathering devices.

For those who remember my question at the team meeting, I thought this article was pretty interesting.

First, this picture of the soldier shows that Steve Mann is far ahead of the US military in terms of technology! I mean, the other soldiers must make fun of this guy with the camera on his helmet.

Second, and more on point with my question, I think the person collecting the info here is very interesting. Recall that part of my question was whether Steve had accounted for the possibility that the information gathered by the sousveiller would be more likely to be used against them than for them. As many people in this field know, privacy-invasive or rights diminishing measures are often tested first on soldiers and prisoners. Perhaps it is a coincidence that it is a soldier here but maybe it's evidence that there's something to my question. And recall that in the 'real world', it's not just an issue of the evidence being used against someone who shoplifts, it's a more general use of the information 'against' or to profile the individual that was part of my question.

Maybe some might consider this example as an example of surveillance of employees (because the military owns the tapes). However, if everyone's sousveillance tapes were accessible to others (through discovery in litigation) or other ways, then really what is the difference between sousveillance and surveillance.

Full story here

| Comments (1) |

Search engine privacy

posted by:Marty // 01:45 PM // January 20, 2006 // Surveillance and social sorting

Concerned about the Justice Department trying to find out what you're searching on-line? Wired has posted an FAQ on search engine privacy, which contains a few helpful hints. Jump to it here.

| Comments (0) |

On E-Government Authentication and Privacy

posted by:Stefan Brands // 01:40 PM // November 01, 2005 // Computers, Freedom & Privacy Conference (CFP) | Digital Activism and Advocacy | Digital Democracy: law, policy and politics | ID TRAIL MIX | Surveillance and social sorting | TechLife

Governments around the world are working to implement digital identity and access management infrastructures for access to government services by citizens and businesses. E-government has the potential of bringing major cost, convenience, and security benefits to citizens, businesses, and government alike. There are major architecture challenges, however, which cannot be solved by simply adopting modern enterprise architectures for identity management. Namely, these architectures involve a central server that houses the capability to electronically trace, profile, impersonate, and falsely deny access to any user. In the context of an e-government infrastructure, the privacy and security implications for citizens of such a panoptical identity architecture would be unprecedented.

By way of example, consider the implications of adopting the Liberty Alliance ID-FF architecture (the leading industry effort for so-called "federated" identity management) for e-government. The ID-FF describes a mechanism by which a group of service providers and one or more identity providers form circles of trust. Within a circle of trust, users can federate their identities at multiple service providers with a central identity provider. Users can also engage in single sign-on to access all federated local identities without needing to authenticate individually with each service provider. Liberty Alliance ID-FF leaves the creation of user account information at the service provider level, and in addition each service provider only knows each user under a unique “alias” (also referred to by ID-FF as “pseudonyms”). However, the user aliases in Liberty Alliance ID-FF are not pseudonyms at all: they are centrally generated and doled out by the identity provider, which acts in the security interests of the service providers.

While the Liberty Alliance ID-FF architecture may be fine for the corporate management of the identities of employees who access their corporate resources, it would have scary implications when adopted for government-to-citizen identity management. The identity provider and the service providers would house the power to electronic monitor all citizens in real time across government services. Furthermore, insiders (including hackers and viruses) would have the power to commit undetectable massive identity theft with a single press of a central button. Carving out independent “circles of trust” is not a solution: the only way to break out of the individual circle-of trust “silos” that would result would be to merge them into a “super” circle by reconciling all user identifiers at the level of the identity providers. This would only exacerbate the ID-FF privacy and security problems.

More generally, replacing local non-electronic identifiers by universal electronic identifiers has the effect of removing the natural segmentation of traditional activity domains; as a consequence, the damage that identity thieves can do is no longer confined to narrow domains, nor are identity thieves impaired any longer by the inherent slowdowns of a non-electronic identity infrastructure. At the same time, when the same universal electronic identifiers are relied on by a plurality of autonomous service providers in different domains, the security and privacy threats for the service providers no longer come only from wiretappers and other traditional outsiders: a rogue system administrator, a hacker, a virus, or an identity thief with insider status can cause massive damage to service providers, can electronically monitor the identities and visiting times of all clients of service providers, and can impersonate and falsely deny access to the clients of service providers.

On the legal side, the compatibility of modern enterprise identity architectures with data protection legislation and program statutes is highly questionable. Also, the adoption of enterprise identity architectures in the context of e-government would directly interfere with Article 8 rights under the European Convention on Human Rights. Specifically, any interference with privacy rights under Article 8 must do so to the minimum degree necessary. Enterprise identity architectures violate this requirement: far less intrusive means exist for achieving the objectives of e-government.

Specifically, over the course of the past two decades, the cryptographic research community has developed an array of privacy-preserving technologies that can be used as building blocks for e-government in a manner that simultaneously meets the security needs of government and the legitimate privacy and security needs of individuals and service providers. Relevant privacy-preserving technologies include digital credentials, secret sharing, private information retrieval, and privacy-preserving data mining.

By properly using privacy-preserving technologies, individuals can be represented in their interactions with service providers by local electronic identifiers. Service providers can electronically link their legacy account data on individuals to these local electronic identifiers, which by themselves are untraceable and unlinkable. As a result, any pre-existing segmentation of activity domains is fully preserved. At the same time, verifier-trusted authorities can securely embed into all of an individual’s local identifiers a unique “master identifier” (such as a random number). These embedded identifiers remain unconditionally hidden when individuals identify themselves on the basis of their local electronic identifiers, but their hidden presence can be leveraged by service providers for all kinds of security and data sharing purposes without introducing privacy problems. The privacy guarantees do not require users to rely on third parties - the power to link and trace the activities of a user across his or her activity domains resides solely in the hands of that user.

In the context of e-government, security and privacy are not opposites but mutually reinforcing, assuming proper privacy-preserving technologies are deployed. In order to move forward with e-government, it is important for government to adopt technological alternatives that hold the promise of multi-party security while preserving privacy.

For more information, interested readers are referred to my personal blog at www.idcorner.org.

| Comments (0) |

Ottawa to give police more power to snoop

posted by:Jennifer Manning // 10:21 AM // August 19, 2005 // Surveillance and social sorting

The Globe and Mail

Ottawa — The federal government will introduce legislation this fall that would give police and national security agencies new powers to eavesdrop on cellphone calls and monitor the Internet activities of Canadians, Justice Minister Irwin Cotler said yesterday.

The bill would allow police to demand that Internet service providers hand over a wide range of information on the surfing habits of individuals, including on-line pseudonyms and whether someone possesses a mischief-making computer virus, according to a draft outline of the bill provided to the Privacy Commissioner of Canada.

After a speech to a police association in Ottawa, Mr. Cotler confirmed that his government will soon bring "lawful access" legislation to cabinet for final approval before it is introduced in the House of Commons.

The minister said the law is needed to replace outdated surveillance laws that were written before the arrival of cellphones and e-mail.

"We will put law-enforcement people on the same level playing field as criminals and terrorists in the matter of using technology and accessing technology," he said.

"At the same time we will protect the civil libertarian concerns that are involved such as privacy and information surveillance,"the minister said.

Police groups say they are not asking for any new powers but rather the ability to continue their regular investigative activities in the digital age.

Clayton Pecknold of the Canadian Association of Chiefs of Police said police are working with laws originally written in 1974, a time when wiretapping involved climbing telephone poles.

"The laws were written for a wired world as opposed to the wireless world," he said. "We are not asking that we be given any powers without a court order."

But critics who have been involved in private consultations with the government are expressing concern that the proposed law goes too far and could ultimately be used to nab Canadians as they engage in relatively minor offences such as downloading music, movies and computer software without paying for them.

The law would force Internet service providers to retain records on the Internet use of its clients in such a way that it can be easily retrieved by police, doing away with the need in many cases to seize an individual's computer as part of an investigation.

In her submission to the government earlier this year, Privacy Commissioner Jennifer Stoddart concluded that Ottawa and the police have not provided enough justification to warrant such a law.

"We remain skeptical about the need for these potentially intrusive and far-reaching measures," she wrote. Ms. Stoddart noted the law could give police access to global-positioning-system data from cellphones combined with electronic banking data that could allow the government to track an individual's every move.

"The digits we punch into a modern telephone do not just connect us to another party, they can also reveal our financial transactions, PIN numbers and passwords, or even health information." Michael Geist, a University of Ottawa law professor who took part in the consultations, said the proposed law goes "well, well beyond" updating references to analog technology. "For individual Canadians, this is an issue that should attract enormous interest because it fundamentally reshapes the Internet in Canada, creating significant new surveillance powers," he said.

Alex Swan, a spokesman for Public Safety Minister Anne McLellan, who will be introducing the bill, said the new law will not add any new offences to the current list in the Criminal Code that can be used to justify a wiretap.

While that list of more than 100 crimes does include a host of sections dealing with terrorism and organized crime, it also includes theft, mischief and keeping a gaming or betting house.

Mr. Swan said judicial oversight will prevent police from using the new surveillance law for minor offences, as will the cost involved in using such surveillance methods.

| Comments (0) | | TrackBack

NYC wants to track diabetics

posted by:Marty // 11:49 AM // August 14, 2005 // Surveillance and social sorting

New York City recently proposed a new plan to track diabetic New Yorkers. The plan would call for area medical labs to report the results of a diabetes test that can indicate the effectiveness of a person's care. The program would flag patients whose care is lapsing and send notes to their doctors. It is then up to the doctor to follow through and contact the patient.

This article from the Associated Press, via the Seattle Times, provides us with soundbytes from two sides of this issue....

In this corner, we have the City of New York:

There will be some people who will say, 'What business of the government is it to know that my diabetes is not in control?' " said Dr. Thomas Frieden, the city's health commissioner.
The answer, he said, is that diabetes costs an estimated $5 billion a year to treat in New York and was the fourth leading cause of death in the city in 2003, killing 1,891 people.
By pinpointing problem patients, then intervening in their care, Frieden said the city can improve thousands of lives. "I don't think we can afford not to do anything," he said.

And in this corner, we have those with privacy interests in mind:

This isn't smallpox," said James Pyles, an attorney who represents health-care groups concerned with medical privacy. "The state, or the city in this case, does not have a compelling interest in the health of an individual that overrides that individual's right to privacy."

And in this third corner, we have the medical community:

Dr. Nathaniel Clark, vice president for clinical affairs of the American Diabetes Association, said the surveillance system could be a great tool for doctors who find it difficult to track patients over long periods. Currently, he said, people who aren't aggressive about their care can easily fall through the cracks. Some switch health-care providers, and many people living in poor neighborhoods where diabetes is common don't have a regular doctor.

Given the recent trend of security breaches, can such a database really be trusted? Does the end-goal truly justify such a program? Was this proposal drawn up based on a business case or on actual healthcare goals? Should government tracking be limited only to infectious diseases, or just to other major health epidemics? Or should all tracking be ruled out? Given that this program is not seeking healthcare data in the aggregate, but to target individual people, does the stepping on one’s privacy balance against the personal health handholding/looking out for you by the government?

What, I believe, is most compelling here is the issue of consent. Initially, at least, all patients will be flagged for the system. Only afterwards will they be able to opt-out. Think of the above questions, again, in light of a opt-out mechanism, do any of your opinions change? Is this a case of Government Knows Best?


| Comments (0) | | TrackBack

Big Brother Wants to Be Diet Cop

posted by:Todd Mandel // 06:48 PM // July 29, 2005 // Surveillance and social sorting

Wired News reports that New York city offiicals have proposed to monitor people with Diabetes and by "intervening ever so slightly in their care", improve their level of care and general health. Privacy advocates have responded with criticisms that, unlike contagious diseases, Diabates only affects the individual and is an intrusive entry into people's personal lives. Read the full article at:


| Comments (0) | | TrackBack

Lawful access or needless distress? How service providers feel about new high-tech surveillance proposals

posted by:Jennifer Manning // 05:07 PM // // Surveillance and social sorting

By: Mari-Len De Guzman
IT World Canada (22 Jul 2005)
In the so-called "lawful access" controversy in Canada there are almost as many sides as there are stakeholders.

The debate appears to pit law enforcement agencies here against privacy groups. Service providers – wireless, wireline and Internet – are caught somewhere in the middle, trying to juggle their twin responsibilities: ensuring subscriber privacy, while helping law enforcement catch crooks or terrorists.

Theoretically, "lawful access" refers to the legal intercept of communications, as well as search and seizure of information by Canadian law enforcement agencies. Under current criminal statutes, these seizures have to be authorized by law, usually a judicial order.

This, however, may not always be the case if the new "lawful access" proposals go through.

For instance, police, CSIS agents, and Competition Bureau agents would be empowered to obtain subscriber data – name, address, e-mail address, IP address – from telecommunications service providers (TSPs) upon mere request, without any judicial authorization or requirement for reasonable grounds to suspect wrongdoing.

In addition, TSPs would be subject to a "gag order" regarding such requests – namely, no disclosure of the content of the request, the information provided, or any other information regarding the provision of subscriber information to the police.

And it's more than ethical dilemmas that carriers have to contend with. There's the question of what compliance would cost them – in terms of money, technology and resources.

Counting the cost:

For instance, one proposal currently under review requires service providers to build into their networks communications intercept capabilities.

The question, of course, is who will foot the bill for doing that. For carriers and service providers, that's a vital issue. But until the proposed legislation provides more clarity in terms of the technology requirement, TSPs are not able to quantify the capital cost of lawful access compliance.

One thing may be certain though, according to David Elder, chair of the lawful access committee of the Canadian Association of Internet Providers (CAIP). Smaller Internet service providers (ISP) will be given "special considerations" when it comes to the carriers' financial obligations.

Click here for the article, and to see Jason Young on the cover.

| Comments (0) | | TrackBack

Death and Identity

posted by:Shannon Ramdin // 05:07 PM // // Surveillance and social sorting

Following up on Ian's "Mainstreaming Verichip" post, there was recently an article in BBC news about using RFIDs to identify the dead. Verichip advocates argue that RFIDs could have helped identify victims of the Tsunami or London bombing.

Should privacy and identity be sacrificed for the sake of convenience?

| Comments (0) | | TrackBack

Frisking the Machine

posted by:Jennifer Manning // 04:50 PM // // Surveillance and social sorting

From: Globe and Mail, by Jack Kapica

Microsoft is making new demands.

The software behemoth started a program on Monday that requires users of its Windows operating system to prove their copies are legitimate. If not, Microsoft will not let them get add-ons to Windows XP.

The program, called Windows Genuine Advantage, will frisk your machine to see if it's running an authentic version of Windows. If it detects a counterfeit copy, it will offer two options — users can fill out a piracy report, provide proof of purchase and send in the counterfeit CDs to get a free copy of Windows Home Edition or Windows Professional; or those who just submit a piracy report — telling when, where and from whom they got the software and send in the counterfeit copy — will get either version of Windows at half price.

In the spirit of further generosity, Microsoft will allow users of unauthorized Windows programs to install security-related updates, which are used to plug software flaws exploited by viruses and hackers.

Privacy advocates are looking at the situation closely, but aren't likely to find much beyond theoretical concerns. Microsoft has been collecting information like this for some time, starting with Service Pack 2 for Office 2000, when the company's then-new authentication system not only recorded your Office serial number, but also took a look at the hardware in your machine.

This time, the company seems to have broadened its list of things to look for, scanning your machine not only for product keys, software authorization codes and operating-system version, but also for details on the flow of data between the operating system and other hardware, such as printers.

This latest wrinkle has been tested as an option for the past 10 months on some 40 million users, Microsoft says, and it was such a success that the company has decided to drop the "option" part.

Microsoft has assured users that no personal data is being collected for the validation process, and information will remain completely anonymous. All that will happen is the user of the software in question will be denied upgrades.

This all sounds reasonable, even though the company is broadening its definition of what information it wants from PC users while much of the Western world is passing legislation designed to increase privacy protection in an increasingly digital world.

There are, however, legitimate concerns with Microsoft's actions, such as how the company will extract our consent to divulge the information (most complaints about privacy involve the issue of "valid consent," I'm told by Philippa Lawson, executive director of the Canadian Internet Policy and Public Interest Clinic). There are also concerns about how long Microsoft will keep the information, and whether the company might decide to use that information in the future for purposes not outlined (or even foreseen) in the current agreement.

But I will assume for the moment that Microsoft's intentions are beyond reproach. That leaves me with other concerns.

First, this validation process is being done in the name of stopping software piracy, which is a very real concern in the digital age, especially with the level of mass piracy in the Asia-Pacific region, Eastern Europe, the Middle East and other places. But I have long suspected that the Business Software Alliance, an industry group against software theft, has greatly inflated the dollar value of corporate losses. The BSA — and the Canadian Alliance Against Software Theft, its counterpart here — has issued press releases for some years estimating colossal economic losses to piracy; all appear to operate on the assumption that every piece of pirated software represents a lost sale, and things like lost salaries of software salespeople are folded into the calculation, plumping up the outrage.

Yet much of what constitutes piracy in the more civilized corners of the world is largely the result of the atmosphere that computer users breathe. Software is constantly being upgraded and fixed, security holes are patched and new versions reissued so frequently that every piece of software ultimately behaves as though it's an unfinished version of what's to come next.

It has become an act of courage and expense to upgrade our software — especially operating systems — and wary buyers have come to see themselves as beta testers, always waiting for a finished version. So they approach buying software differently from, say, the way they buy TV sets, which do not need weekly visits to the repair shop. People are naturally chary of spending large sums of money on software that will offer them an unending string of security holes to patch, and then be urged to upgrade entirely within a year or two.

If software companies want to cut piracy, their strategy should include finishing their products, and not treating their customers so cavalierly or so carelessly. That way, buyers might start to consider software as something of value that they're investing in, rather than as a half-baked "beta" product that happens to come in a box.

My other concern is that Microsoft is, after all, a member of the BSA, which includes Adobe, Apple, Autodesk, Avid, Bentley Systems, Borland, Cadence, Cisco Systems, CNC Software/Mastercam, Dell, Entrust, HP, IBM, Intel, Internet Security Systems, Macromedia, McAfee, Inc., PTC, RSA Security, SAP, SolidWorks, Sybase, Symantec, UGS Corp. and Veritas Software, which merged with Symantec earlier this year. BSA members finance anti-piracy strategies, and presumably share the information collected.

Is Microsoft sharing the information it collects using Windows Genuine Advantage with other members of the BSA? The company hasn't said, although I'd be surprised if Microsoft didn't share it with its worthy allies. At least we should know about it, and have the member companies listed in any agreement we are asked to make.

Perhaps the BSA should spend more effort earning the respect of its customers before frisking us all as though we are thieves.

| Comments (0) | | TrackBack


posted by:Ian Kerr // 10:01 AM // // Surveillance and social sorting

those who have been following this blog will know of my concern about an uncritical mainstream adoption of human microchip implantation.

in this context, it has been interesting to watch the verichip go mainstream. but when the chief information officer at the
harvard cinical research institute
and one of america's best known bioethicists downplay the privacy considerations, i start to get a bit concerned...

john halamka, an emergency physician and chief info officer, has had a verichip on his shoulder (well, close enough...) for some time now. recently, he was reported as saying: "If a chip could also serve as a GPS, reporting my location, or act as an emergency transponder, requesting rescue, I would definitely upgrade". halamka has made quite a name for himself touting the chip. this week, he published on the subject in the new england journal of medicine.

bioethicist arthur caplan also expressed an interest in the verichip as a medical device. according to caplan:

"You are more likely to die or be harmed by lack of medical information about you than by people knowing too much about your medical information," he says. "In an emergency, it's important for doctors to know what your allergies and medical problems are, who your relatives are and how to reach them, your blood type, and so on."

today caplan was reported as describing those who distrust this application of rfid technology in the following way:

"The idea of putting something in your head or in your arm frightens people and stirs up privacy worries, even if they don't make a lot of sense," he says. "Americans have an almost obsessive drive to protect their personal privacy."

Q - am i "obessed" if i want us to slow down and critically evaluate the implications of implanting devices that can be used to create unique identifiers for individuals and link them to networks of various sorts prior to any decision to adopt them in sensitive areas such as the healthcare setting?

i get it when halamka says that it is easier for emergency docs to do their jobs when they don't have to rely on patients to give them vital information. but isn't it obvious that there is more at play here? wouldn't it also be easier for subway security to do their jobs on the same basis?

what do others think?!

| Comments (2) | | TrackBack

Privacy vs. Security

posted by:Rafal Morek // 05:14 PM // July 27, 2005 // Surveillance and social sorting

Last week a CBC journalist was stopped by a security guard while on her way to buy a tea at Starbucks on the ground floor of an office building in Ottawa. She was asked to submit to a random bag search. When she refused, the guard let her carry on, but it sparked an interest on her part in increasing intrusions into personal privacy, allegedly over concerns about national security. The CBC interviewed Daphne Gilbert this morning on the incident. If you want to listen to the interview (about nine minutes), you can find it under CBC Ottawa Morning Top Story (for Wednesday). It will stay on the site until Tuesday, August 2nd. Daphne made the point that people should be concerned about security searches like this one, and that we as a society should be wary of our decreasing expectations in privacy.

| Comments (0) | | TrackBack

On the Bookshelf - Judge Posner and 9/11

posted by:Marc Rotenberg // 10:12 PM // July 19, 2005 // Surveillance and social sorting

For a person who has struggled a bit with the demands of acadamic writing, contemplating the work of Judge Richard Posner is a bit like imagining that one's notepaper doodles are going to end up in the Louvre. It isn't going to happen. He is in one world, the rest of us in another. Judge Posner can probably write faster than most people can read. And he probably writes as frequently as most people breathe.

But among all of Judge Posner's writings, one of the most provocative was surely his review of the 9-11 Commission report for the New York Times Book Review. Posner, who obviously ignores the political memos and talking points that are widely circulated in Washington in case anyone forgets what to say when there is dead air time, put forward the radical views that (1) the 9-11 terrorists outsmarted us, (2) terrorists will outsmart us in the future, and (3) the radical restructuring of the US intelligence community (which is to say, the consolidation and centralization of decisionmaking authority) may not have been the smartest move if our concern is with a nimble and determined enemy.

I haven't finished Posner's book, which elaborates on the NY Times essay, but I was thinking about it last week when I attended a briefing for the new Homeland Security Secretary Michael Chertoff at the Ronald Reagan building in downtown Washington (surrounded by the national security community and various federal contractors, I had a Hunter Thompson moment and joked with the FBI field agents seated next to me. Btw, a Blackberry 7290 appears to be standard issue for those defending the homeland from foreign threats and charges for extra minutes.)

Posner is, of course, also the father of the law of economics movement (to every social problem, there is an equation that defines risk, reward, cost and benefit, and whether to split 5's if the dealer is showing an 8. Answer: Don't do it). And to Posner, and apparantly to the new Secretary of Homeland Security, the problem of defending against terrorists comes down to ecomomic analysis. Sure, 40 people might die in a subway station, but subway cars don't fly into office buildings. So, we should be more concerned about security for airplanes than for the metro. I won't go into all the federal/state politics that may also be at issue, but needless to say, the states are on their on when it comes to future terrorist threats.

I'm not a huge fan of Posner. He sure can write a lot. And he has said some interesting things about privacy. (In a 1978 law review article, he wrote about mailing lists, Coase, and opt-in v. opt-out. In the Economic of Justice (1982), he gave us a nice instrumental argument for confidentiality. And he's written some remarkable privacy opinions as a federal appellate judge in the last few years.) But the problem with economics is that everything is up for sale. Including individual rights. Let's say we had an equation which said that we could increase public safety by 10% if we diminished personal freedom by 10%. How much freedom would you trade? What if you could gain a 10% increase in safety with only a 5% sacrifice in personal freedom? If you accept my premise that you can trade freedom for safety, I suspect there is some number where you would say "ok." But what if I suggest that your freedom helps ensure your safety? That open government, privacy protection, respect for the rights of the individual actually promotes public safety? What become of our economic analysis? I'll say more about this in a later post, but consider the lessons we might draw from the terrible tragedy in London. The most surveilled city in the world was also the site of one of the most significant terrorist attacks that ever occurred. Is surveillance the solution?

| Comments (0) | | TrackBack

A Pass on Privacy?

posted by:Jennifer Manning // 11:33 PM // July 18, 2005 // Surveillance and social sorting

New York Times Magazine, July 17 2005
Christopher Caldwell

Anyone making long drives this summer will notice a new dimension to contemporary inequality: a widening gap between the users of automatic toll-paying devices and those who pay cash. The E-ZPass system, as it is called on the East Coast, seemed like idle gadgetry when it was introduced a decade ago. Drivers who acquired the passes had to nose their way across traffic to reach specially equipped tollbooths -- and slow to a crawl while the machinery worked its magic. But now the sensors are sophisticated enough for you to whiz past them. As more lanes are dedicated to E-ZPass, lines lengthen for the saps paying cash.

The case for "implantable personal verification systems":
"Once implanted just under the skin, via a quick, simple and painless outpatient procedure (much like getting a shot), the VeriChip can be scanned when necessary with a proprietary VeriChip scanner. . . . VeriChip is there when you need it. Unlike traditional forms of identification, VeriChip can't be lost, stolen, misplaced or counterfeited."
Source: VeriChip Corporation

E-ZPass is one of many innovations that give you the option of trading a bit of privacy for a load of convenience. You can get deep discounts by ordering your books from Amazon.com or joining a supermarket ''club.'' In return, you surrender information about your purchasing habits. Some people see a bait-and-switch here. Over time, the data you are required to hand over become more and more personal, and such handovers cease to be optional. Neato data gathering is making society less free and less human. The people who issue such warnings -- whether you call them paranoids or libertarians -- are among those you see stuck in the rippling heat, 73 cars away from the ''Cash Only'' sign at the Tappan Zee Bridge.

Paying your tolls electronically raises two worries. The first is that personal information will be used illegitimately. The computer system to which you have surrendered your payment information also records data about your movements and habits. It can be hacked into. Earlier this year, as many as half a million customers had their identities ''compromised'' by cyber-break-ins at Seisint and ChoicePoint, two companies that gather consumer records.

The second worry is that personal information will be used legitimately -- that the government will expand its reach into your life without passing any law, and without even meaning you any harm. Recent debate in Britain over a proposed ''national road-charging scheme'' -- which was a national preoccupation until the London Tube bombings -- shows how this might work. Alistair Darling, the transport secretary, wants to ease traffic and substitute user fees for excise and gas taxes. Excellent goals, all. But Darling plans to achieve them by tracking, to the last meter, every journey made by every car in the country. It seems that this can readily be done by marrying global positioning systems (with which many new cars are fitted) with tollbooth scanners. The potential applications multiply: what if state policemen in the United States rigged E-ZPass machines to calculate average highway speeds between toll plazas -- something easily doable with today's machinery -- and to automatically ticket cars that exceed 65 m.p.h.?

There is a case to be made that only a citizenry of spoiled brats would fret over such things. Come on, this argument runs, anyone who owns an anti-car-theft device -- LoJack in the United States or NavTrak in Britain -- is using radio tracking to make a privileged claim on government services. If your LoJack-equipped Porsche is stolen, you can call the local police department and say, in effect, ''Go fetch.'' Stolen cars with such devices are almost always recovered. Car theft has fallen precipitously, which benefits us all.

For some time, the United States has required commercial trucks to register their mileage and routes. Last year, Germany initiated a new, more efficient G.P.S.-based truck-tracking system that seems intrusion-proof. Authorities discard the records after three months, which means they can't use them to arrest criminal truckers or dun deadbeat ones. Can such forbearance last?

In Germany, where history makes lax surveillance seem the lesser evil, yes. But not in the United States. Since the Warren Court, voters have, again and again, risen up against any libertarian trammeling of government in its fight against crime. People waver on whether to trade privacy for convenience, but they're pretty untroubled about trading privacy for security. On occasion, E-ZPass records have been used to track down criminal suspects.

When such crime-fighting aids are available, people clamor for them. In October, the F.D.A. approved, for medical use, the VeriChip, a device the size of a grain of rice. It can be implanted under a patient's skin and activated to permit emergency personnel to gain access to personal medical records. It's extremely useful when patients are unconscious, but there is a suspicion that the real application lies elsewhere. Similar devices can easily be fitted with other types of transmitters. ''Active'' implants are already being put to other uses: to trace livestock and lost pets and, in Latin America, to discourage kidnappings. Those who can put two and two together will find this VeriUnsettling. Monitoring can quickly change from convenience to need. Would you support a chip-based security system for nuclear power plant employees? If you were in the Army Special Forces, wouldn't you want a transmitter embedded in you?

In more and more walks of life, if what you want to do is not trackable, you can't do it. Most consumers have had the experience of trying to buy something negligible -- a pack of gum, say -- and being told by a cashier that it's impossible because ''the computer is down.'' It now seems quaint that after the Oklahoma City bombing in 1995, Congress argued over whether ''taggants'' should be required in explosives to make them traceable. Today everything is traceable. Altered plant DNA is embedded in textiles to identify them as American. Man-made particles with spectroscopic ''signatures'' can be used, for example, as ''security tags'' for jewels. The information collected about consumers is the most sophisticated and confusing taggant of all. It is a marvelous tool, a real timesaver and a kind of electronic bracelet that turns the entire world into a place where we are living under house arrest.

| Comments (0) | | TrackBack


posted by:Ian Kerr // 11:30 AM // // Surveillance and social sorting

many of those following the work of the On the Identity Trail project will know about PRIME (Privacy and Identity Management for Europe).

the PRIME project proposes building a user-controlled system for managing identities, positioning the relevant actors and their technology platform. the platform, they hope will address "the full range of needs of the users and privacy law."

in a recently released white paper, the PRIME consortium fosters debate on the privacy issues, seeking to build a consensus regarding acceptable solutions.

i'd be curious to hear what people think of the white paper....

| Comments (1) | | TrackBack

biometrics in airline tickets touted as making 'the process quicker'

posted by:Dina Mashayekhi // 06:17 PM // July 07, 2005 // Surveillance and social sorting

nice of them to do this just to make things more convenient for us -- heck i'll give 'em my dna so i can wait in line 2 minutes less.

i just wonder -- how long will the line take to encode your ticket with fingerprint data...

Airline tests biometric tickets

BERLIN (AP) -- The German airline Lufthansa has started testing tickets encoded with passengers' thumbprint data in hopes of speeding up check-ins without compromising security.

The 14-day trial started Monday with Lufthansa employees trying out the system, spokesman Thomas Jachnow said. If all goes well, the airline wants to roll it out in 2006.

Though people will still be able to check in for flights using the "classic system," the voluntary use of biometric data would make the process quicker, Jachnow said.

Passengers would get tickets encoded with their thumbprint data, then check themselves in by placing their thumbs on a machine. Frequent fliers would have their thumbprint data encoded on their frequent flier cards instead of their tickets, Jachnow said.

The German government is also starting to make use of biometric data in travel documents and will start issuing passports embedded with facial data in November. A fingerprint will be added in March 2007.

From Canoe

| Comments (3) | | TrackBack

Keystroke logging a no-no in Alberta

posted by:Jennifer Manning // 07:44 AM // // Surveillance and social sorting

Wednesday, July 6, 2005

Canadian Press

Lacombe, Alta. — A Privacy Commissioner's ruling against an Alberta library that electronically monitored an employee's computer use means employers have lost one objective way of measuring workers' performance, says the library's director.

Patricia Silver, director of the Parkland Regional Library, ordered the installation of keystroke logging software on the computer of an employee whose productivity was questioned.

When the employee discovered that he had been monitored, he lodged a complaint with Alberta's information and privacy commissioner.

In a decision released last week, Commissioner Frank Work ruled that the library collected personal information about the employee in contravention of the Freedom of Information and Protection Privacy Act.

The employee, who was not named, worked as a computer technician for six months in 2004. Ms. Silver said it was a job where productivity was hard to measure.

“We thought that using an objective check through the computer would be the most fair and objective way to do that,” she said Wednesday.

“If you have something like a cataloguing clerk, if they only catalogue one book a day, you notice. If they catalogue 100, you notice. With that kind of job, it's easy to say either ‘You're doing great work' or ‘You need to be more productive' or whatever. But that's not true of all the areas of our operation.”

Ms. Silver disputed Mr. Work's finding that the library collected personal information on the employee, saying managers never looked at any of the computer files that were logged. She said she believed the keystroke logging would be allowed under a clause in the act that permits collection of information that is necessary for an operating program or activity of a public body.

“Mr. Work felt that it was too intrusive on the employee, and certainly we accept his interpretation and would abide by it in the future,” she said.

“But beyond our case, it raises the question of how do you look at people's productivity and the quality of their work in certain occupations where it's hard to tell, given the technology nowadays?

“We are responsible for taxpayers' money in our organization and we do like to think we give good value in terms of productivity of our staff. So I think that remains a question.”

Mr. Work said the library could have used “less intrusive means” to get the information needed to manage the employee.”

He noted that other library information technology employees weren't similarly monitored.

“This lack of even-handedness further undermines the public body's explanation for the collection,” Mr. Work said.

He dismissed an argument from the employee that the collected information had not been adequately protected.

Mr. Work said he didn't have the jurisdiction to rule on whether or not the employee was dismissed as a result of his complaint. Ms. Silver confirmed the employee no longer works at the library but said his departure had nothing to do with the privacy complaint.

| Comments (0) | | TrackBack

U.S. General Accounting Office Issues RFID Report

posted by:Marty // 04:21 PM // June 19, 2005 // Surveillance and social sorting

A little late than never...

The U.S. General Accounting Office (GAO), Congress's oversight body, issued its report on the promise and perils of RFID use by the U.S. Federal Government, in May, 2005 (see "Information Security: Radio Frequency Identification Technology in the Federal Government"). The report highlights the use, or planned use, of RFID technology by Federal agencies. Moreover, the report makes the following findings regarding privacy and security of information:

Of the 16 agencies that responded to the question on legal issues associated with RFID implementation in our survey, only one identified what it considered to be legal issues. These issues relate to protecting an individual’s right to privacy and tracking sensitive documents and evidence.
Several security and privacy issues are associated with federal and commercial use of RFID technology. The security of tags and databases raises important considerations related to the confidentiality, integrity, and availability of the data on the tags, in the databases, and in how this information is being protected. Tools and practices to address these security issues, such as compliance with the risk-based framework mandated by the Federal Information Security Management Act (FISMA) of 20023 and employing encryption and authentication technologies, can help agencies achieve a stronger security posture. Among the key privacy issues are notifying individuals of the existence or use of the technology; tracking an individual’s movements; profiling an individual’s habits, tastes, or predilections; and allowing secondary uses of information. The Privacy Act of 1974 limits federal agencies’ use and disclosure of personal information,4 and the privacy impact assessments required by the E-Government Act of 2002 provide an existing framework for agencies to follow in assessing the impact on privacy when implementing RFID technology.5 Additional measures proposed to mitigate privacy issues, such as using a deactivation mechanism on the tag, incorporating blocking technology to disrupt transmission, and implementing an opt-in/opt-out framework for consumers remain largely prospective.

Supply & Deman Chain Executive, features this article, which offers a deconstructive view of the GAO's report.

The GAO report is flawed and provides a relatively unfavorable, potentially damaging view of RFID. The report cites several security-related issues that RFID can present, such as tracking individual movements, preferences, confidential personal information, etc. The report also suggests that interest from government officials in RFID is increasing, especially as costs fall and application uses expand. To compile the report the GAO focused on responses received from a variety of government agencies — 24 in total — including, the departments of State, Energy, Homeland Security, Labor and others.

As always, there are multiple views to every story.

| Comments (0) | | TrackBack

beginning of the end of 'anonymous' use of public transit in the GTA

posted by:Dina Mashayekhi // 08:49 AM // June 15, 2005 // Surveillance and social sorting

- see article below..
- i tried to find more information but these questions remained unanswered -- will cash fares increase thus inducing people to go with the smart card?
- where/how will personal info, travel histories be tracked/stored, who has access?
- the brief privacy notes on the mto page say that a person can still use the system without providing personal info "however some personal data will be required if riders want to make pre-authorized payments, protect their cards against loss or theft or obtain concession fares."
- a pilot project has been in place w/ the use of smart cards in some go transit corridors since 2001, haven't found much privacy related info -- atip possibility?

From the Globe and Mail:

TORONTO — The Ontario government is planning to bring in a single pass system for public transit in the Greater Toronto Area.

The unified-fare card will be good on GO Transit and seven local systems in the region.

The card, announced by Transportation Minister Harinder Takhar, will likely be available in early 2007.

Mr. Takhar says riders won't have to search for exact change, buy tickets or carry different passes to travel on the different transit systems.

Brampton, Burlington, Hamilton, Mississauga, Oakville, Toronto and York Region have all signed on to develop the integrated-fare system.

The plan is expected to be fully in place from Hamilton to Whitby by 2010.

"Creating a transit culture in this province means using the latest technology to improve transit service," Mr. Takhar said.

"The possibilities for this card are endless. In Hong Kong, for example, transit-fare cards can also be used at parking facilities, fast food outlets and vending machines."

| Comments (0) | | TrackBack

if you think 'chipping' granny might be too invasive, here's your alternative

posted by:Dina Mashayekhi // 10:55 AM // June 14, 2005 // Surveillance and social sorting

The new geopositioning phone-bracelet detects any departure from a security zone surrounding the residence

The Canadian company Medical Intelligence has developed a bracelet for Alzheimer's patients that can message key people via a GSM network when a patient wanders out of a "secure zone" as monitored via A-GPS. The rate of Alzheimer's patients that "wander" or "stray" is almost 60%, with a high death rate when they are not found quickly. The innovation introduced today is a definitive solution to the problems that families, caregivers and police authorities must deal with.

Columba, the new geopositioning phone-bracelet, required three years of research and development. Louis Massicotte, founding president of Medical Intelligence, had the idea of creating the bracelet after the repeated wanderings of his own mother, who suffers from Alzheimer's.

To prevent any disappearance, the Columba bracelet automatically detects any departure from a security zone surrounding the residence or nursing home. The "zone" is pre-determined by the patient's family or caregiver. The Columba then alerts a medical assistance centre that promptly contacts the family or caregiver to coordinate assistance efforts.

If required, the medical assistance centre, which operates 24-7, can accurately geoposition the bracelet wearer and establish audio communication using Columba's "handsfree" feature.

The Columba has a GPS-Assisted positioning system, a GSM/GPRS transmitter/receiver with a SIM card for voice and data, and an intelligent alert detection system.

The very first implementation of the system will take place this summer in Paris at the Medidep Brune nursing home, and use the Orange phone network.

Nearly 800,000 people suffer from Alzheimer's in France, three-quarters of whom are in a home-care situation. Alzheimer's affects close to 10% of the population over the age of 65.

"To successfully keep Alzheimer's patients in the home, we must do our utmost to guarantee their safety", says Dr. Stephane Bergeron, President and CEO of Medical Intelligence. "In order to responsibly secure the patient's environment, without restricting or isolating him or her, we must be alerted at the very beginning of an instance of wandering or running away. The Columba bracelet ensures such security and enables,, when required, the geopositioning of the wearer. You can even speak with him because the phone-bracelet is connected to the Orange network and includes a "handsfree" phone feature."

"Orange has supported the development of this product for the last two years, and we are pleased to see that our mobile phone network can make an effective contribution to patients' security and well-being. We are proud to contribute to the introduction of an innovative mobile service that responds to a major public health problem. The Columba phone-bracelet provides its wearer with a "lifeline", giving him more freedom and more security," stated Jean-Noel Tronc, Director of Strategy at Orange.

The Columba phone-bracelet is expected to be available in drugstores before the end of 2005.

Found at http://www.pcscanada.com/newsstory_details.asp?id=1470&type=

Read the Press Release

| Comments (0) | | TrackBack

consumer profiling gets in your head

posted by:Dina Mashayekhi // 06:54 PM // June 13, 2005 // Surveillance and social sorting

Marketers try high-tech tool to push brain's 'buy button'

Marketers are trying to use brain scans to convince consumers to buy their product, although scientists say the approach may not be ready to be applied.

Peering into someone's brain seems like it may have its benefits for marketers, who aim to find out whether consumers will like a product.

"If you knew exactly how they were hearing your messages, clearly you can choose the best way of making that message to them," said Barry Welford, president of Strategic Marketing Montreal.

Brain scan technology, such as functional MRIs, shows which parts of the brain are activated by impulses. Some marketers theorize that since the scans suggest positive or negative reactions, the technology can help them to fine-tune their message.

"Right now, media tools are pretty much limited in terms of how to reach people," said Fred Auchterlonie, vice-president of PHD Media Canada, one of the first companies to use the technique in Canada. "Really what we're trying to get at is how to influence them. But the technique is not cheap."

A single experiment with at least 12 subjects could cost as much as $7,500.

Continued at CBC News

| Comments (0) | | TrackBack

Google's memory stirs privacy concerns

posted by:Jennifer Manning // 10:50 PM // June 06, 2005 // Surveillance and social sorting

When Google's 19 million daily users look up a long-lost classmate, send email or bounce around the web more quickly with its new Web Accelerator, records of that activity don't go away.

In an era of increased government surveillance, privacy watchdogs worry that Google's vast archive of internet activity could prove a tempting target for abuse.

Like many other online businesses, Google tracks how its search engine and other services are used, and who uses them. Unlike many other businesses, Google holds onto that information for years.

Some privacy experts who otherwise give Google high marks say the company's records could become a handy data bank for government investigators who rely on business records to circumvent Watergate-era laws that limit their own ability to track US residents.

At a time when libraries delete lending records as soon as a book is returned, Google should purge its records after a certain point to protect users, they say.

"What if someone comes up to them and says, 'We want to know whenever this key word comes up?' All the capability is there and it becomes a one-stop shopping centre for all these kinds of things," said Lauren Weinstein, an engineer who co-founded People for Internet Responsibility, a forum for online issues.

Click here for the rest of the article.

| Comments (0) | | TrackBack

Pharming and other security woes hector VoIP

posted by:Jennifer Manning // 10:17 PM // // Surveillance and social sorting

From: CNET.com

There are few clearer signs that an information technology has hit the mainstream than when it becomes the focus of pharming and other security attacks.

Low-cost voice over Internet Protocol (VoIP) phone services now capturing the general public's imagination are indeed being targeted by online attackers, who have been known to eavesdrop on calls, deny customers access to their VoIP service and cause "clipping," or degraded service quality, on some accounts, say executives gathered here for Supercomm 2005, a major phone trade show.

VoIP's security problems only heighten concerns simmering since January, when a Harris Interactive poll found that 60 percent of all adults in the United States who are aware of Internet telephony but not using it believe it could be subject to security and privacy issues.

VoIP's security vulnerabilities both highlight the enormous potential of the service and threaten to derail the success of freely distributed VoIP software, which lets any Internet connection also serve as a home or business phone line. About 7.5 million out of 200 million homes and offices have traded in their traditional phone lines for VoIP. But research firm Gartner predicts there could be as many as 25 million VoIP-connected homes by 2008. Among the big draws: VoIP operators' $20-a-month unlimited calling plans.

One of VoIP's flaws is that it is inherently vulnerable to hackers because, like e-mail, VoIP calls find their way by locating an IP (Internet Protocol) address, a unique set of numbers assigned to each device connected to the Web. Yet while scores of commercial VoIP providers have quickly expanded to take advantage of the growing interest in the service, many have not implemented even basic security measures, such as encrypting phone calls.

While information about attacks on VoIP systems are mostly still the stuff of white papers, some businesses using the service are encountering attacks, according to corporate phone-systems integrator BearingPoint Institute, which didn't provide details.

"Security is crucial to broad acceptance of IP telephony," said Christian Stredicke, founder of Berlin-based Snom Technology and a speaker at a Supercomm security summit.

Time may be running out to completely contain VoIP security threats, however. In January, analysts at Gartner said it will be only two years before organized attacks begin on signaling networks, the portions of telephone networks that carry the routing instructions that ensure calls reach the right place.

"Not surprisingly, as many VoIP operators rush to capture new business, hackers are rushing too--to explore and exploit ways to steal or disrupt these services," Stephen Doty and Fred Hoffmann, two BearingPoint managers, wrote in a recently released white paper.

For their part, many VoIP service providers and equipment makers are turning to the relatively new Voice over IP Security Alliance. The alliance will define security requirements across a variety of VoIP deployments and address issues such as security-technology components, architecture and network design, network management, and end-point access and authentication.

New VoIP security threats seem to come every week, a brisk pace. One that recently surfaced is a VoIP version of pharming, one of the latest security scares for Internet users of all sorts.

Pharming exploits vulnerabilities in a piece of network equipment responsible for translating e-mail and Web addresses into IP addresses. Security experts speaking at Supercomm this week said that, by hijacking a domain-name system (DNS) server--a computer that stores and organizes IP addresses--pharmers get control of VoIP calls.

Without their knowledge, VoIP users' calls could then be redirected to IP addresses completely different from the ones the users dialed, warns Paul Mockapetris, the inventor of the domain name system.

The list of different VoIP attacks is growing and highlights the adaptibility of the attackers.

One of the earlist VoIP threats identified, Caller ID spoofing, substitutes someone else's Caller ID information as your own.

The security problem known as clipping, meanwhile, occurs when a cable modem is targeted with a huge flood of traffic, creating a "clipping" disruption on VoIP phone calls. Another type of attack, called V-bombing, occurs when thousands of voice mails are targeted simultaneously to a single VoIP mailbox.

| Comments (0) | | TrackBack

The results are in: 2005 Electronic Monitoring & Surveillance Survey

posted by:Marty // 06:31 PM // May 25, 2005 // Surveillance and social sorting

Last week, on May 18, 2005, the American Management Association issued a press release that highlights the results from its 2005 survey on workplace electronic monitoring and surveillance. Here are some notable results:

- 26% have fired workers for misusing the Internet,
- Another 25% have terminated employees for e-mail misuse,
- 6% have fired employees for misusing office telephones,
- 76% of employers monitor workers' Website connections for inappropriate content,
- 65% of companies use software to block connections to inappropriate Websites—a 27% increase since 2001 when AMA and ePolicy Institute last surveyed electronic monitoring and surveillance policies and procedures in the workplace,

"Of those organizations that engage in monitoring and surveillance activities, fully 80% inform workers that the company is monitoring content, keystrokes and time spent at the keyboard; 82% let employees know the company stores and reviews computer files; 86% alert employees to e-mail monitoring; and 89% notify employees that their Web usage is being tracked."

At least 89% of respondents have the decency to notify employees that their usage is being tracked.

Forgetting for a momment obvious issues of discomfort, as an aside think of how employees can spin snooping to their benefit and use the fact that they are being watched to create the image of being the great employee. Perhaps they can look at key websites, send useless e-mails complementing the company and superiors, thereby helping mold a model employee image. Imagine getting a bigger raise because the boss, who reads your e-mail, is under the impression that you worship the ground she walks on. Of course how likely is that?

What really is distressing here is not the use of technology to track online and telecommunications activity, but rather using technology, such as GPS, to track physical activity.

"Employers who use Assisted Global Positioning or Global Positioning Systems satellite technology are in the minority, with only 5% using GPS to monitor cell phones; 8% using GPS to track company vehicles; and 8% using GSP to monitor employee ID/Smartcards.
The majority (53%) of companies employ Smartcard technology to control physical security and access to buildings and data centers. Trailing far behind is the use of technology that enables fingerprint scans (5%), facial recognition (2%) and iris scans ( 0.5%)."

How long until these numbers skyrocket? All it takes is a decrease in acquisition cost to make the business-case all the more viable. Once that occurs, the sanctity of physical movement and activity (inactivity as the case may be when trying to sneak a nap at one's desk) will be erroded.

| Comments (0) | | TrackBack

Personal Data Search Engines

posted by:Shannon Ramdin // 09:17 AM // May 13, 2005 // Surveillance and social sorting

Wired News recently interviewed ZabaSearch’s CEO Robert Zakari and Chairman Nicholas Matzorkis. ZabaSearch.com is one of the most extensive personal-data search engines on the net. The database provides personal information, such as residential addresses and phone numbers (listed & unlisted). For an extra fee, background checks and criminal history reports can also be obtained. Is ZabaSearch.com exploiting data privacy or merely providing a synthesized location with government and public information?

Click here for the full interview.

| Comments (9) | | TrackBack

The bright pink teddy bear is watching you

posted by:Marty // 11:32 PM // May 01, 2005 // Surveillance and social sorting

While not describing anything innovative or any new issues in surveillance, this article from CNN provides a nice overview of some household surveillance technologies. Of note is the description of the practices of the UK store Spymaster:

The latest equipment is kept hidden, and checks are done on clients wanting to buy the more advanced equipment...

"We run background checkups on any clients that want to purchase more sensitive equipment,"

"You can never be 100 percent sure but you can minimize the risk of selling to the wrong people. We have to be responsible."

Click here for the article.

| Comments (0) | | TrackBack

California bill would ban tracking chips in IDs

posted by:Jennifer Manning // 10:50 AM // April 29, 2005 // Surveillance and social sorting

A bill that would put strict limits on California's use of such devices in all state-issued identity documents is making its way through the state's legislature and was approved this week in a 6-to-1 vote by a senate judiciary committee. It's the first bill of its kind in the nation, said its author, state Sen. Joe Simitian.

Supporters of the bill, including the American Civil Liberties Union and the Electronic Freedom Foundation, say unchecked use of the technology, known as radio frequency identification, or RFID, could trample people's privacy and aid identity thieves.

Click here for the rest of the CNET article.

Click here for a copy of the bill.

| Comments (0) | | TrackBack

Feds Rethinking RFID Passport

posted by:Jennifer Manning // 07:58 AM // April 27, 2005 // Surveillance and social sorting

Following criticism from computer security professionals and civil libertarians about the privacy risks posed by new RFID passports the government plans to begin issuing, a State Department official said his office is reconsidering a privacy solution it rejected earlier that would help protect passport holders' data.

The solution would require an RFID reader to provide a key or password before it could read data embedded on an RFID passport's chip. It would also encrypt data as it's transmitted from the chip to a reader so that no one could read the data if they intercepted it in transit.

Click here for the rest of the Wired News article.

| Comments (1) | | TrackBack

High-tech IDs planned for U.S. government workers

posted by:Jennifer Manning // 01:38 PM // April 16, 2005 // Surveillance and social sorting

By Stephen Manning, Associated Press
As part of the Bush administration's effort to tighten security at U.S. federal facilities, millions of federal employees and contractors will later this year start receiving ID badges with chips storing information such as digital fingerprints.

The "smart card" IDs will have security features designed to keep outsiders from breaking into federal buildings or computer systems.

Click here for the rest of the article.

| Comments (1) | | TrackBack


posted by:Ian Kerr // 02:00 PM // April 14, 2005 // Surveillance and social sorting

steve mann made quite a "splash" in seattle yesterday at CFP (computer, freedom and privacy) by presenting his views on what he calls "sousveillance", a set of practices which he thinks are necessary as a counter-balance to increasing state and corporate surveillance.

at the end of the first day of the conference, steve and other members of the on the identity trail project led a sousveillance tour of seattle, funded by bell canada.

as a participant on that tour, i experienced first hand the fact that those who engage in surveillance jealously guard their own anonymity, prohibiting the reverse practice of allowing citizens to photograph, record or otherwise capture images of the way they do surveillance. the watchers don't like being watched!!

although i personally disagree with many of steve's own practices and some of his arguments about achieving what he calls "equiveillence" by "shooting back", it was quite compelling to experience the attitudes of those engaged in surveillance and how much insight foucault had on the subject when he wrote discipline and punish .

if you want to read more on steve and how his views were received by david brin and others at CFP, here is an interesting article from the seattle times

| Comments (2) | | TrackBack

Some MasterCard holders exposed to data theft

posted by:Jennifer Manning // 08:46 AM // // Surveillance and social sorting

HSBC Holdings is notifying at least 180,000 people who used MasterCard credit cards to make purchases at Polo Ralph Lauren that criminals may have obtained access to their credit card information, and that they should replace their cards.

Click here for the rest of the article.

| Comments (0) |

Aeroplan rapped over data security

posted by:Jennifer Manning // 07:44 PM // April 12, 2005 // Surveillance and social sorting

By Paul Waldie, Globe and Mail

The Office of the Privacy Commissioner has sharply criticized security at Air Canada's popular Aeroplan frequent-flyer program and told the airline to better protect members' account information.

On the whole, there was a clear lack of diligence on the part of Air Canada with respect to its handling and protection of customer personal information," Heather Black, assistant privacy commissioner, said in a recent ruling involving a Vancouver businessman whose Aeroplan account was accessed, and changed, by his former boss.

Click here for the rest of the article.

| Comments (0) |

Our Ratings, Ourselves

posted by:Jennifer Manning // 01:19 PM // // Surveillance and social sorting

Arbitron, a Maryland-based company, is recruiting several thousand volunteers in Houston who will wear a portable people meter, or PPM.

The volunteers will wear the PPM while awake. Before going to bed, the volunteers will be expected to dock the P.P.M. in a cradle so that overnight it can automatically send its data to a computer center in Maryland, where statisticians can download and review the information.

The goal is for the P.P.M. will tell Arbitron exactly what kind -- and exactly how much -- television and radio programming a person was exposed to during the day. The P.P.M. may also tell the technicians at Arbitron a host of other things too, like whether a P.P.M.-wearer heard any Web streaming, any electronic media with audible sound that someone might encounter on a typical day.

Click here for the NY Times article.

| Comments (0) | | TrackBack

LexisNexis breach may be worse than thought

posted by:Dina Mashayekhi // 10:50 AM // // Surveillance and social sorting


Tuesday, April 12, 2005 Updated at 9:54 AM EST

Associated Press

LONDON — Publisher and data broker Reed Elsevier Group PLC said Tuesday that up to 10 times as many people as originally thought may have had their profiles stolen from one of its U.S. databases.

The company reported last month that intruders may have accessed personal details of 32,000 people via a breach of its legal and business information service LexisNexis' recently acquired Seisint unit. It now says that figure is closer to 310,000 people.

The breach, discovered during internal checking procedures of customers' accounts, is being investigated by U.S. law enforcement authorities.

Information accessed included names, addresses, Social Security and driver license numbers, but not credit history, medical records or financial information, the Anglo-Dutch group said in a statement to the London Stock Exchange.

"LexisNexis is notifying all these individuals and is offering free support services, including credit bureau reports, credit monitoring for one year and fraud insurance, to monitor and protect them from possible fraud associated with identity theft," the company said.

Continued at http://www.globetechnology.com/servlet/story/RTGAM.20050412.gtlexixapr12/BNStory/Technology

| Comments (2) | | TrackBack

Foreign Intelligence Surveillance Act Court increases surveillance authorizations

posted by:Marty // 06:51 PM // April 11, 2005 // Surveillance and social sorting

The U.S. Justice Department has issued and made public its report on surveillance authorizations under FISA. How many authorizations for electronic surveillance were there in 04? 1,758 (not one denial). This is an increase from 1,727 in 2003.

These figures represent only electronic surveillance, wiretaps and physical searches that are authorized under FISA.

| Comments (0) | | TrackBack

IM threats rising sharply

posted by:Jennifer Manning // 09:31 AM // April 06, 2005 // Surveillance and social sorting

A recent study released by IMlogic Threat Center found that the quantity of instant messaging (IM) threats increased 250 percent in the first quarter of 2005, compared with the same period last year.
Click here for the CNET article.

For more information about security threats on IM and some possible solutions, see Ian Golberg's ID Trail mix from Tuesday, April 5th.

| Comments (0) |

VeriChip Acquires Canadian Company

posted by:Michelle Gordon // 01:35 PM // April 05, 2005 // Surveillance and social sorting

No, it does not seem like an April Fool's Joke.

On April 1, 2005, VeriChip Corporation completed its acquisition of eXI Wireless of Richmond, British Columbia. As a result of the transaction, VeriChip will now offer RFID Products for People, through a complete array of implantable and external RFID products for people in the healthcare and security environment. In addition to the VeriChip (implantable microchip), which was cleared by the FDA for its medical applications in October, 2004, VeriChip Corporation will now offer eXI’s premier RFID products: HALO, RoamAlert and Assetrac.

What will this mean for Canada? Will the Canadian government start to pay more attention to this issue now? With VeriChip projecting revenue goals of $8-10 million in 2005, does this mean a natural expansion into Canada?

See Verichip press release and eXI press release.

| Comments (0) | | TrackBack

China blocking postings about the Pope's death

posted by:Marty // 11:05 PM // April 04, 2005 // Surveillance and social sorting

Exemplifying state control of digital activity, the Chinese government is blocking internet postings regarding the death of Pope John Paul II.

While popular portals such as Sina.com and Sohu.com's on-line discussion forums were flooded with messages about the pope Saturday, no messages could be seen Monday.

An official with Sohu.com confirmed the company had censored the comments, using sophisticated technology to allow only the writer to see his or her own comments.

Click here for more.

| Comments (0) | | TrackBack

Student tracker proposed

posted by:Marty // 08:53 PM // // Surveillance and social sorting

The U.S. Federal Education Department is looking to establish a fully integrated database of students as they move through post-sencondary education. See this article for more.

The proposed database would provide individually identifiable student information, including names, Social Security numbers, number of courses taken and credits earned, degrees completed, and actual education costs.

Woah! That is quite the demand of personally indentifiable information. One would think that with tracking so much (how long until this database is hacked into?) information there must be a tremendous purpose behind the desire for collection and retention.

According to the study, federal officials and lawmakers need the database of student records to obtain more accurate measures of institutional accountability and program effectiveness. It states that the proposed database would help policy-makers calculate, for example, the net price of college education and to monitor in real time federal student aid programs, such as Pell grants, and variations in aid packaging.

Interesting rationale. To me, however, these needs do not seem pressing or substantial enough to justify or equate with what would be collected.


| Comments (0) | | TrackBack

European Commission releases biometrics study

posted by:Jennifer Manning // 12:25 PM // // Surveillance and social sorting

The European Commission recently published a study titled "Biometric Frontiers: Assessing the impact on Society".

The two main conclusions of the study were that
a) the use of biometrics can bring improved convenience for individuals, but that
b) the limitations of biometrics need to be recognized (for example, biometric systems are not 100% accurate).

Click here for a copy of the report.

| Comments (0) |

EU wants biometric passports delayed

posted by:Jennifer Manning // 12:08 PM // // Surveillance and social sorting

The European Union has called on the United States to delay the deadline for the introduction of biometric passports for visitors without visas, from October 2005 to August 2006.

If the U.S. does not agree to the delay, millions of travellers will have to obtain visas prior to entering.

Click here for the CNET article.

| Comments (0) |

Wireless device can monitor patients

posted by:Jennifer Manning // 05:12 PM // March 31, 2005 // Surveillance and social sorting

Nordic telecommunications operator TeliaSonera said Wednesday it is launching a new product that lets doctors monitor their patients through a wireless device.

The new system, called BodyKom, connects wirelessly to sensors on the patient. If dangerous changes are detected in the patient's body, the hospital or health care services are automatically alerted over a secure mobile network connection.

The unit receiving the alarm will also be informed of the geographic position of the patient through the use of GPS technology.

Click here for the USA Today article.

| Comments (0) |

Michigan may require on-line dating checks

posted by:Jennifer Manning // 01:07 PM // March 29, 2005 // Surveillance and social sorting

Politicians in Michigan are considering legislation that would require an Internet dating company serving residents to disclose on its website whether it has conducted criminal background checks on users, based solely on the names provided.

Backers say just posting the background-check disclosure would go a long way toward boosting awareness of the possible dangers of meeting people on-line. But critics — including most on-line sites — say any feeling of security would be deceptive because there is no way to ensure people give their real names.

Can and should the government regulate the Internet?

Click here for the Globe and Mail article.

| Comments (0) |

Amazon seeks to know you better than you know yourself

posted by:Dina Mashayekhi // 08:49 AM // // Surveillance and social sorting

On-line retailer compiling customer profiles to help it market products

SEATTLE — Amazon.com Inc. has one potentially big advantage over its rival on-line retailers: It knows things about you that you may not know yourself.While plenty of companies have detailed systems for tracking customer habits, critics and boosters alike say Amazon is the trailblazer, having collected information longer and used it more actively. It even received a patent recently on technology aimed at tracking information about the people for whom its customers buy gifts.

Amazon sees such data gathering as the best way to keep customers happy and loyal, a relationship-building technique that analysts consider potentially crucial to beating other on-line competitors.

"In general, we collect as much information as possible such that we can provide [customers] with the best feedback," said Werner Vogels, Amazon's chief technology officer.

But some privacy advocates believe Amazon is getting dangerously close to becoming Big Brother with your credit card number.

"They are constantly finding new ways to exploit personal information," said Chris Hoofnagle of the Electronic Privacy Information Center, an Amazon nemesis since 2000 after the company changed its privacy policy to allow sharing of personal information with companies it buys or partners with.

For years, Amazon has collected detailed information about what its customers buy, considered buying, browsed for but never bought, recommended to others or even wished someone would buy them.

It has built ever-more sophisticated tools to recommend more purchases, direct your searches toward products it thinks you're most likely to want, or even stop the forgetful among us from buying the same book we purchased five years ago.

For example, a customer who buys the movie Lost In Translation might also be prodded to buy 21 Grams or Kill Bill -- Vol. 1 because others have made similar purchases. And customers who searched several times for a Laurie R. King mystery novel might find a book by her the next time they visit Amazon's home page.

More recently, the Seattle-based virtual retailer has launched a Web search engine, called A9, that can remember everything you've ever searched for -- and the site reserves the right to share that information with its retailing arm.

Amazon also funds a website called 43 Things. It seeks to link people with similar goals, such as getting out of debt.

Technology that can accurately anticipate a customer's greatest desires is going to be crucial in the growing competition with Internet-based upstarts and traditional retailers moving on-line, said analyst David Garrity with Caris and Co.

"One would argue that this is the basis on which a great relationship with a customer was founded," Mr. Garrity said. "If only our significant others were like this."

But Amazon must build that relationship without alienating the customer. As customer tracking gets more detailed, Mr. Garrity said Amazon and other companies should start asking customers for permission to gather certain information.

To some privacy experts, Amazon has already crossed the line.

Most recently, Amazon tangled with privacy advocates over a patent on technology that aims to track a shopper's gift-giving habits, including the recipient's age and preferences.

Continued at http://www.theglobeandmail.com/servlet/story/RTGAM.20050328.gtramazon28/BNStory/Technology/

| Comments (0) |

"Big Brother is Now Riding Shotgun"

posted by:Hilary Young // 11:51 AM // March 17, 2005 // Surveillance and social sorting

Tuesday's Ottawa Citizen included an article about insurance companies offering discounts to drivers who are willing to have monitoring devices installed in their cars. The devices monitor the speed, time and distance a car is driven. The idea is to reward safe drivers (does that mean slow drivers?) and those who drive infrequently with lower insurance rates.

For now this is just a pilot program, but interesting questions are being raised. For example, will this turn into a way for parents to monitor their teens' driving habits?

For the complete article, follow this link.

| Comments (0) |

VeriChip expands to second U.S. hospital

posted by:Michelle Gordon // 04:14 PM // March 15, 2005 // Surveillance and social sorting

VeriChip Corporation announced that a second U.S. hospital, the Hackensack University Medical Center in New Jersey, will now use the VeriChip technology in its Emergency Department and for scanning patients.

Unlike at Harvard Medical School, where the CIO, Dr. John Halamka, decided to chip himself, this hospital has announced that Molly Phillips, daughter of its Foundation's President and a juvenile diabetes patient, will be chipped this week.

See press release.

| Comments (8) | | TrackBack

Privacy advocates frown on Amazon snooping plan

posted by:Jennifer Manning // 09:21 AM // March 14, 2005 // Surveillance and social sorting

Amazon was granted a patent last week for a system that gathers clues about customers' gift-giving habits in order to suggest future gifts and reminders. It also profiles gift recipients and guesses their age, birthday and gender.

Click here for the CNET article.

| Comments (0) |

Fujitsu sees biometric future in palms

posted by:Jennifer Manning // 10:43 AM // March 13, 2005 // Surveillance and social sorting

Fujitsu is in the process of developing a biometric scanner that identifies people by looking at the veins in the hands.

It works using infrared light to scan for hemoglobin, which provides oxygen to cells in the body, the company said. Reduced hemoglobin absorbs near-infrared rays, so on the image it shows up as black, with the rest of the hand colored white.

Click here for the CNET news article.

| Comments (0) |

Tracking PCs anywhere on the Net: a new technique to identify computer hardware remotely

posted by:Rafal Morek // 11:20 PM // March 11, 2005 // Surveillance and social sorting

Security researchers led by Tadayoshi Kohno (University of California) have developed a technique for remotely fingerprinting an electronic device using clock skews - small, microscopic deviations in device hardware. This technique could potentially unmask anonymous Web surfers by bypassing some common security techniques. Kohno's research is expected to be presented at the Institute of Electrical and Electronics Engineers Symposium on Security and Privacy in California in May.

Click here for the articles in the Register and
ZDNet News.

| Comments (0) |

SAP, Intel to Work Together on RFID Technology

posted by:Jennifer Manning // 11:13 AM // March 10, 2005 // Surveillance and social sorting

Software maker SAP and microchip maker Intel Corp. will work together to encourage companies to adopt radio frequency identification (RFID) technology.

The companies are collaborating in order to allow firms to integrate data collected from RFID chips.

Click here for the New York Times article.

| Comments (0) |

RFID Business

posted by:Marty // 11:38 PM // March 09, 2005 // Surveillance and social sorting

Curious to know what the corporate world is thinking when it comes to RFID tags? Want to see glossing over of privacy issues? Then click along to this article from Knowledge @ Wharton, a newsletter put out by the Wharton School of Business, which offers a peek into the how RFIDs are presented to the business reader..

Who Gains, Who Loses, from RFIDs growing presence in the marketplace?

| Comments (0) |

Lexis Nexis Hacked

posted by:Dina Mashayekhi // 05:45 PM // // Surveillance and social sorting

Lexis Nexis joins Choicepoint in failure to protect data...

NEW YORK — Hackers commandeered a database owned by information industry giant Lexis Nexis, gaining access to the personal files of as many as 32,000 people, company officials said Wednesday.

U.S. federal and company investigators were looking into the breach at Seisint, which was recently acquired by Lexis Nexis and includes millions of personal files for use by such customers as police and legal professionals.

Information accessed included names, addresses, Social Security and driver's licence numbers, but not credit history, medical records or financial information, corporate parent Reed Elsevier Group PLC said in a statement.

"We sincerely regret the circumstances that were recently announced," Kurt Sanford, president and chief executive officer of Lexis Nexis corporate and federal markets, said in a statement.

See http://www.theglobeandmail.com/servlet/story/RTGAM.20050309.gtlexismar9/BNStory/Technology/

| Comments (0) |

They look to your cell-phone first

posted by:Marty // 03:38 PM // March 05, 2005 // Surveillance and social sorting

I came across this interesting blog post discussing how law enforcement increasingly check out cell-phone records of suspects. Further, the post offers commentary on what it means to connect the dots between where a cell-phone is, physically, in relation to the crime scene.

Check it out here

| Comments (0) |

No more anonymous .us registration

posted by:Marty // 02:59 PM // // Digital Democracy: law, policy and politics | Surveillance and social sorting

On Friday March 4, 2005, Wired published a story that the US Commerce Department has banned proxy registration, i.e. anonymous registration, of .us domain names.

The department's National Telecommunications and Information Administration, has responded to this by saying this has always been its policy and there is no policy change. See the latest here.

What's the big idea of anonymous domain name registration? For one thing, spammers pluck contact info from registries and spam spam spam. This is of course on top of the standard issues of online anonymity.

| Comments (1) |

On the Net, Unseen Eyes

posted by:Jennifer Manning // 09:26 PM // February 24, 2005 // Surveillance and social sorting

A group of parents have filed a complaint against a Tennessee school board for having unsecure surveillance cameras in their locker rooms.
The complaint alleges that the video server was accessed over the Internet several times by someone outside the school.
Click here for the New York Times article.

| Comments (0) |

Interesting tidbit: Cellphone Jammers

posted by:Anne Ko // 10:14 PM // February 23, 2005 // Surveillance and social sorting

It’s common knowledge that cellphones are not a reliable and secure form of communication. Below is a link to an article that provides yet more evidence. People in New York are taking advantage of cell phone jammers, which are electronic devices that interfere with satellite signals to prohibit a cell user from getting proper reception. I think these devices are somewhat akin to those now outlawed laser keychains – highly amusing to the owners, but completely annoying and inconvenient to the recipient target.

Click here for the NY Post article.

| Comments (0) |

ChoicePoint Victims Have Work Ahead

posted by:Dina Mashayekhi // 10:45 AM // // Surveillance and social sorting

A few days ago, most people probably had not heard of data-collection warehouse ChoicePoint Inc., let alone knew that the firm sold personal information to companies about potential customers, tenants or employees.

Today, though, many consumers may be wondering whether their personal and financial data were included in 145,000 reports the company inadvertently sold to criminals involved in an identity theft scheme.

Consumers "shouldn't panic, but they should be vigilant," said Beth Givens, director of the Privacy Rights Clearinghouse, a nonprofit consumer advocacy group.

See http://news.yahoo.com/news?tmpl=story&u=/washpost/20050223/tc_washpost/a45534_2005feb22&e=2

| Comments (0) |

Transborder Dataflow Comes Home to Roost

posted by:Stephanie Perrin // 11:35 PM // February 22, 2005 // Digital Democracy: law, policy and politics | ID TRAIL MIX | Surveillance and social sorting

Transborder Dataflow Comes Home to Roost
Some Policy thoughts on Commissioner David Loukidelis’ Inquiry on the subject of the Export of Personal Data to the United States and the Implications of the Patriot Act

In the summer of 2004, the Information and Privacy Commissioner of British Columbia David Loukidelis posted a call for comments on the implications of the U.S. Patriot Act on the personal data of Canadians (http://www.oipc.bc.ca/sector_public/usa_patriot_act/patriot_act_resources.htm). Prompted by a complaint from the B.C. Government Employees Union about the outsourcing of the processing of health information of citizens to an American company, the focus was on whether the data in fact would be accessible to US authorities under the Patriot Act, basically out of Canadian control. I commend him for starting a debate that in my view is the richest we have had in two decades on the subject of trans-border dataflow. The Commissioner received over 500 responses, from all kinds of individuals, academics experts, and organizations. Some of the submissions demand response, and as a policy person with a long interest in the field, it was tempting to comment. I did not, but I think it is a very fruitful topic for this project and this space to consider.


As many are well aware, during the 1970s, this country and many others debated the issue of trans-border dataflow in the context of pressures to open up trade in services, particularly data processing, and drop requirements to keep data within domestic borders. It was in this context that data protection achieved importance, and the OECD Guidelines Governing the Protection of Privacy and Transborder Flows of Personal Data of 1980 bear the imprints of that pre-occupation, as they were drafted as much to ensure the free flow of data as to protect privacy. Countries were enjoined in the preamble of that document to continue the work of harmonizing their approaches to data protection, and working together on international issues.

Unfortunately the Committee that drafted the guidelines was wound down shortly after the Council of Ministers approved them, and the OECD did not continue the much needed work on international cooperation. While the Guidelines were re-affirmed as a set of fair information practices in 1998 in the context of the OECD Electronic Commerce Conference held in Ottawa, there has not been a renewed, focused international discussion about how to manage the international and jurisdictional problems. The United States had a bilateral discussion with the European Union when they came to the Safe Harbor Arrangement after the Data Protection Directive 95/46 came into effect, but this happened largely behind closed doors and was focused on the Directive, and on how to avoid blockages in data flow. It did not include financial data, and did not focus on law enforcement and national security data. There has been almost no public discussion of the slumbering issue of Article 4(1)(c) of the Directive, which states that telecommunications equipment and software resident in the country, which is used to manage data and ship it outside the community, provides the presence necessary to cause the application of national law. This was certainly a controversial provision at the time, but the development of the global Information Infrastructure has certainly born out the foresight of its drafters; is there another logical way of approaching the problem of remote collection and use? If so, I have not seen it.

While a global discussion on data protection has raged over the past ten years, it has been focused primarily on the mechanics of the world wide web (cookies, privacy policies, P3P) and on opt/out opt/in for marketing. In the context of the huge debate between the US and Europe on whether or not you can achieve adequate data protection without legislating holistically as Europe has done, the attention of privacy watchers and legislators has been drawn to the rather basic questions that we had asked in 1980 when the OECD Guidelines were drafted, and not to the rather more complex issues of what we were proposing to do about the rapid development of global, dynamic dataflows and ubiquitous computing.

Canada has tried, during this period, to focus on the problem. During the Parliamentary Review of the Access to Information Act and the Privacy Act, the recommendation was made in the final Report of the Standing Committee on Justice and the Solicitor General (Open and Shut, 1987) to study transborder data flows. The Department of Justice did so, publishing the report Crossing the Borders in 1989, but there was still a dearth of information about financial dataflows, and no further policy work was published subsequent to the report. Aware of this issue, we developed a national standard for privacy, the Canadian Standards Association’s Model Code for the Protection of Personal Information CAN/CSA-Q830-96, envisaging also the potential development of an international standard which would provide not only a management standard for data protection practices, but a ready intersection with technology standards that contemplated privacy requirements. We also anticipated that such international standards could be useful in harmonizing the different legal regimes for the purposes of trans-border dataflow, and in providing an independent audit mechanism (through accredited ISO auditors) to permit checking on standards in remote and developing jurisdictions.

When the private sector privacy legislation was drafted (the Personal Information Protection and Electronic Documents Act or PIPEDA), the standard was attached to the law as the set of fair information practices required. When data is transferred for ‘processing’, it must be protected to the same level. However thin these protections may seem, I would argue that there is very little that can be done to improve them in the context of keeping data in the hands of the data controller and not that of foreign governments. Here are a few brief reasons why:

• Most foreign data protection laws and constitutional protections do not provide protection for ‘aliens’, or persons who are not citizens or residents of the country. Certainly US law does not.
• Data protection laws routinely have exemptions to permit release of personal information without the consent of the individual for purposes of national security, law enforcement, and a host of routine government functions.
• New anti-terrorism laws have given law enforcement and intelligence agents new powers domestically and new information sharing capabilities in their international organizations.

It can hardly be healthy for democracy to have a closed, hidden network of surveillance information about its citizens, shared around the world by police and intelligence agencies who are not accountable to their own citizens with respect to the collection, use, and disclosure of information, and the accuracy of the information. For many years while I worked in government, I pointed out the risks of the development of these networks, and frankly was frequently dismissed as a paranoid fanatic. So who’s crazy now?

This week, the papers in Canada are full of the story of Moroccan-born Adil Charkaoui, released on bail after 21 months in prison on a national security certificate. No charges were laid, the notes of the CSIS agent who provided the rationale for the arrest were destroyed as is routine, so no evidence was available to the defence. Can we actually run a democracy like this? Surely terrorism and insurrection are difficult problems, just as they were in the days of Magna Carta when we tried to improve our rule of law. But we must find solutions, because we are now living in a time of ubiquitous surveillance where there are practically no limits to how much data can be gathered about us. If that information is not verified by independent authorities, courts and juries, we have concentrated far too much power in the hands of an elite group.

At the same time as this story was breaking, the scandal of the criminal abuse of the vast databases held by Choicepoint broke (see www.epic.org and http://www.washingtonpost.com/wp-dyn/articles/A40379-2005Feb20.html). Choicepoint is one of the success stories of the post-911 environment, a data broker that was formed in 1997 and has bought 50 companies to assemble files on individuals all over the world. They have contracts with virtually every US government agency and are the company that is providing security checks for job seekers of all kinds in the post-911 environment. However, this open market for personal information has allowed criminal gangs posing as legitimate companies to purchase files on 145,000 US individuals, then proceeding to change the victims’ addresses and perpetrate identity theft and fraud on a grand scale. Since EPIC broke its first stories on Choicepoint in 2002, I have asked audiences wherever I speak who has heard of them. So far, there has been scarcely a handful among these well educated security and privacy experts, government policy people and sociologists, consumer advocates and lawyers, who were familiar with the company name. How can we run a democracy where huge private sector companies, un-regulated and unbounded by Charter and Constitutional protections that curb law enforcement authorities, control the information of an entire society and indeed of the citizens of many countries around the world, without the knowledge of the citizen?

This brings me back to the issue of transborder dataflow. There are many reasons why this topic has not been much discussed in the pure state (as opposed to, say, as an aspect of Safe Harbor) over the past few years. Here are a few:
• Western democracies have been keen on opening up trade barriers
• Cybercrime issues have been on the rise, and law enforcement authorities have been attempting to streamline their operations to fight them
• The European Directive on Data Protection took a long time to pass and be implemented, with opposition both within the EU and without, so proponents of blocking dataflow were reluctant to flex any muscle in areas of questionable jurisdiction
• E-Commerce suffers from similar issues in terms of choice of law and lack of consumer protection, and the struggle between consumers who want to maximise their hard fought consumer protection by choosing the best jurisdictions for consumers are up against companies who face a potentially gargantuan task of having to apply all regional laws to their business as they serve e-consumers around the world
• There are no easy answers. Just like global warming, the environment, better parenting, poverty in developing countries, health effects of old pollutants, and many other pressing issues that need to be addressed, there are no easy answers.

And this last point is why we must thank David Loukidelis for opening up the debate again. We have a new generation of young privacy enthusiasts and scholars who have not thought about this issue, but have taken global data flows for granted. Here is the torch, you find the solutions, because those of us who have been worrying this bone since the 80s have not come up with much.

Stephanie Perrin will be moderating a panel on this important topic at the Summit of the International Association of Privacy Professionals in Washington on March 10. Check back for her report of what panelists David Loukidelis, Becky Burr (Wilmer Cutler), Peggy Eisenhauer (Hunton and Williams), Jim Harper (Cato Institute) and Michael Geist (University of Ottawa) had to say about the issue. (www.privacyassociation.org)

| Comments (1) |

Consumer Profiling / Cash-replacement technology

posted by:Anne Ko // 08:58 PM // February 21, 2005 // Surveillance and social sorting

Consumer profiling has become even more pervasive thanks to a new cash-replacement technology, known as Dexit that is heavily used in Toronto’s business district. Using RFID technology, Dexit users have either a pre-paid fob or a sticker, enabling them to complete purchase transactions without having to wait in line. Dexit has been marketed towards people, who need their morning coffee in a hurry. This has meant increased convenience for many; however, in exchange for this convenience, consumer information about purchases usually made with spare change (like coffee and snacks), can now be monitored, collected, and sold with the aid of this new technology.

Click here for an article from Backbone magazine.

Click here for the Dexit website and privacy policy.

| Comments (0) |

School Drops RFID Tag Program

posted by:Jennifer Manning // 09:32 AM // February 17, 2005 // Surveillance and social sorting

The California grade school that required students to wear RFID badges has ended the program because the company that developed the technology pulled out.

Click here for the Wired article.

| Comments (0) |

Microchips counter Andes alpaca smuggling

posted by:Jennifer Manning // 02:47 PM // February 16, 2005 // Surveillance and social sorting

Peruvian alpaca farmers are implanting microchips into their alpacas to try to prevent their illegal exportation. 700 alpacas have been chipped so far. There has been discussion to create a program that would track the alpacas by satellite.

Click here for the Globe and Mail article.

| Comments (0) |

Fraudsters expose 100,000 across US

posted by:Todd Mandel // 11:53 AM // // Surveillance and social sorting

During October, 2004 fraudsters accessed confidential records of thousands of Americans including possibly credit cards, Social Security numbers, and other sensitive information. Affected individuals were only notified months after the fraud occurred, and have no way of knowing whether their information has been used or who still has access to it.

Click here for the The Register article.

Click here for the MSNBC article.

| Comments (0) |

House approves electronic ID cards

posted by:Jennifer Manning // 11:20 AM // February 11, 2005 // Surveillance and social sorting

On Thursday, Feb. 9th, the U.S. House of Representatives approved a bill, the "Real ID Act" that would require states to issue federally approved electronic ID cards to all adult residents.

All driver's licenses and other ID cards would be required to include a digital photograph, anticounterfeiting features and "machine-readable technology, with defined minimum data elements" that could include a magnetic strip or RFID tag.

Click here for the CNET article.

Click here for the bill.

| Comments (0) |

Parents and Civil Liberties Groups Urge Northern California School District to Terminate Use of Tracking Devices

posted by:Jennifer Manning // 03:02 PM // February 10, 2005 // Surveillance and social sorting

The ACLU, EFF and EPIC have written a letter asking a school district in Northern California to halt the use of RFIDs in student IDs. The ID badges include the student's name, photo, grade, school name, class year and the four-digit school ID number. Students are required to wear them at all times. One student's parents have filed a complaint with the school district.
Click here for the ACLU letter.

Click here for the parental complaint letter.

| Comments (0) |

Chips in Chips?? Vegas is Watching...

posted by:Michelle Gordon // 08:16 PM // February 09, 2005 // Surveillance and social sorting

CNet News.com

Casino mogul Steve Wynn has pulled out all the stops for his new $2.7 billion mega-resort in Las Vegas: an 18-hole championship golf course, a private lake and mountain, and a bronze tower housing 2,700 plush guest rooms.

But when its doors open in April, the Wynn Las Vegas will have one unique feature that few visitors are likely to notice--high-tech betting chips designed to deter counterfeiting, card-counting and other bad behavior.

The fancy new chips look just like regular ones, only they contain radio devices that signal secret serial numbers. Special equipment linked to the casino's computer systems and placed throughout the property will identify legitimate chips and detect fakes, said Rick Doptis, vice president of table games for the Wynn.
The technology behind these chips is known as radio frequency identification, or RFID, and it's been used for years to track livestock, enable employee security badges and pay tolls.

Click here for the full article.

| Comments (1) |

Beach Security in Hawaii

posted by:Daphne Gilbert // 11:36 AM // // Surveillance and social sorting

The state of Hawaii has instituted a new pilot project that contracts out surveillance to a private security company on behalf of the police. Funds for the contract currently come from the Hawaii Tourism Authority with a view to lessening the "stress" on the police force. "Island cams" have been installed at popular beaches and they are described as both "visual deterrents" and "not easily spotted". The cameras come with digital privacy zones to prevent spying on beach residents.

It is interesting to see the increasing dependence of police forces on private industry in the name of crime prevention.

Daphne Gilbert

| Comments (0) |

Barcodes for cadavers

posted by:Dina Mashayekhi // 02:08 PM // February 05, 2005 // Surveillance and social sorting

Associated Press

BERKELEY, Calif. — Shaken by scandals involving the black-market sale of body parts, University of California officials are considering inserting supermarket-style barcodes or radio frequency devices in cadavers to keep track of them.

The high-tech fix is one of a number of reforms UC is proposing to reassure people that bodies donated to science will be used as intended and treated with respect.

"We want these to be programs that really do work so we can maintain the public trust and know that we are doing everything possible to maintain and respect the great donation that these gifts represent," said Michael Drake, UC vice-president for health affairs.

See The Globe and Mail

| Comments (2) |

Cost and privacy concerns stall PAYD car insurance

posted by:Dina Mashayekhi // 10:36 AM // February 02, 2005 // Surveillance and social sorting

How long will it be until only those with blackboxes will be insured?

Pay-as-you-drive car insurance will not be commercially viable anytime in the next three years, according to Strategy Analytics. It cites privacy concerns, launch costs and patent fees, along with back-end data integration, as significant short-term obstacles to the technology's mass-scale deployment.

Under pay-as-you-drive insurance, a black box records data about the driver's journeys. Charges vary, according to the risk of each journey. Last August, Norwich Union started testing the technology in the UK, with a pilot scheme for younger drivers launched this year.

From The Register

| Comments (0) |

Harvard CIO Gets Chipped

posted by:Michelle Gordon // 10:05 AM // // Surveillance and social sorting

Dr. John Halamka, the Chief Information Officer for Harvard Medical School, recently had himself implanted with a subdermal VeriChip so that he could begin an "earnest assessment" of this controversial new product. He is currently one of 40 U.S. volunteers who are testing this device. While Dr. Halamka's chip can only be read at one location, this could very soon change.
Is this the next new trend, or could this be the end of medical privacy?
See: UsingRFID.com,
CNET News.com, MobileHealthData

| Comments (0) |

Privacy and New Technology

posted by:Alison Gardner Biggs // 11:02 AM // January 26, 2005 // Surveillance and social sorting

Sometimes the impact of the Internet can catch us all by surprise. Policies which are perfectly appropriate for the offline world have different implications and consequences when translated to the online environment.

An example of this recently came to CIPPIC’s attention when an individual notified us that her personal contact information had been posted on the CRTC’s website. The CRTC's policy is to directly reproduce all comments received, including personal information. In this case, however, the individual in question did not know her information would be posted and only became aware of the posting when contacted by a complete stranger, three years later.

The CRTC has always made comments to Public Notices available in print format for inspection. This policy does not, however, translate well to the online world. An easy example is that of spammers and e-mail harvesting programs which troll the Internet for e-mail addresses. As well, information is harder to pull from the Internet - pages are often still available through tools such as Google's cache.

CIPPIC has written to the CRTC explaining our concerns and to ask them to reconsider their policy and move to a more privacy-respectful approach. The text of that letter can be found here.

| Comments (2) |

UK's New Freedom of Information Law

posted by:Catherine Thompson // 07:12 AM // January 25, 2005 // Surveillance and social sorting

The UK has a new freedom of information law. Access to information academic Alasdair Roberts has some advice for the British in his essay "Spin Control and Freedom of Information: Lessons for the United Kingdom from Canada."

| Comments (0) |

No Place to Hide??

posted by:Michelle Gordon // 07:01 PM // January 22, 2005 // Surveillance and social sorting

ABC News broadcasted a special on a new book by Robert O'Harrow, a Washington Post Journalist. The book and program address the intersection of the data revolution and national security, and asks the scary question of whether we really do have anywhere to hide. For those who missed the program, check out ABC's website, as well as http://www.noplacetohide.net/. Or, of course, you could read the book!

| Comments (0) |

Border security reports leaked

posted by:Valerie Steeves // 04:36 PM // // Surveillance and social sorting

An insecure link on the US Energy Department's website provided access to border security reports on various people denied entry into the US from Canada because they're on the Tipoff watch list. Tipoff contains the names of more than 100,000 "terrorist risks". cryptome.org published a mirror before the US government severed the link, so you can still read the reports at http://cryptome.org/hsomb/hsomb.htm . Interesting reading, especially if you're looking for evidence of possible discrimination on the basis of ethnicity/religion.

| Comments (0) |

main display area bottom border

.:privacy:. | .:contact:.

This is a SSHRC funded project:
Social Sciences and Humanities Research Council of Canada