Quis custodiet ipsos custodes?

July 21, 2007

One cannot use spies without sagacity and knowledge,
one cannot use spies without humanity and justice

–Sun Tzu

who is watching you?

Polvo gallery will be hosting an art show in Chicago, from August 3rd to September 1st 2007, called echelon: who is watching you? I suppose we earn the honor of hosting this little historical survey of US surveillance since “Chicagoans may soon be the most watched urbanites in the world.” PoliceOne has an online copy of a 2004 AP article Chicago Moving to ‘Smart’ Surveillance Cameras that is worth a look, in case this is news to you.

But we are the second city after all, and NYC will soon be enjoying a “London-style surveillance veil,” a phrase that’ll send me to the bar for some scotch any day of the week. This package includes Automatic Number Plate Recognition (ANPR) technology which, since at least 2004, has been helping London tighten the weave of its dragnet & capture a carnival of suspects more effectively. (Check out the excellent Spy Blog from the UK which is Watching Them Watching Us; there are numerous discussions of ANPR to be found)

I definitely hope to attend opening night of the echelon show, in part to see try and understand what this surveillance means to me as a relatively new Chicagoan. I have been known to peek in on official industry presentations about these kinds of technologies; likewise the echelon show will be a great way to take a read of current discussion in Chicago about escalating digital data-capture technology. Of course the Bush administration is more than happy to support pervasive ground-level invasions of personal citizens’ privacy while drawing lead blinds on its own activities. So far the courts have kept some of these inclinations in check (TOO SLOWLY, in case they’re listening in) but it’s only gotten worse since the Geneva convention-denying Attorney General Alberto Gonzalez was confirmed with a notable lack of enthusiasm.

On July 6th 2007, and from an unexpected corner, San Francisco’s Ninth Court of Appeals ruled in US vs Forrester that “Feds can read e-mail, IP addresses without warrant[s].” The crux of their argument is that monitoring email addresses and IP addresses constitutes no greater invasion than that of identifying the information on the outside of a sealed letter, or recording a roll of phone numbers, which are both protected levels of surveillance. Numerous commentators feel that the volume of information available to an agency looking through an electronic list of email chains as well as the volume of information to be gleaned from web sites is far greater than can be traditionally gathered, and constitutes something worthy of 4th amendment protections.

The Volokh Conspiracy in particular has a substantial comment roll about both sides of the issue; JohnMc brings summarizes an interesting point for consideration in our current Web2.0 environment:

Orin, I am going to side with TechieLaw not on the legal merits but the technical issues. The crux of my argument is that as a general basis, with internet your private data is hosted off your premieres. From a business perspective, were the general public not to be afforded the same 4th amendment protections as in their residence then you might as well forget about Web 2.0 and close Sun Corp. down (“The network IS the computer”).

The visionaries see a not too distant future where you keep your data on a contracted provider who has the resources to guarantee always available access and multiple redundant backup. Think Google. However If the only way I can keep my papers private is to keep them on my own server in my own home then that is what will happen. At that point we are back to a technical future equivalent to 1960. It just all runs faster.

The 4th needs to be amended to expand ‘reasonable searches and seizures’ to your papers regardless of location or format.

Couple this with the FBI’s use of exigent letters to illegally convince telephone companies to immediately surrender documents on their existing clients, usually by claiming that appropriate necessary documents were filed, and suddenly the reality seems explosive. With such a large number of free data hosting sites (i.e. ewedrive, JustUpIt, etc.) which will maintain uploaded data for you in a personal account, as well as traditional paid hosting services, the problems seem endless.

Until clear and non-politicized language is developed, within an internationally accepted framework, to erect legally defendable digital borders for private citizenry there will be no lasting security. Lamenting concessions made by the big players can seem academic, especially when we undeniably enjoy so many other freedoms protections in the US, but my feeling is that until a service such as Yahoo can be held accountable, then we are all as vulnerable as Shi Tao.

Als sie mich holten, gab es keinen mehr, der protestieren konnte
–Pastor Martin Niemöller

(Then they came for me and there was no one left to speak up for me.)

UPDATE

Just minutes after launching this post, which I finished a draft of yesterday afternoon, I came across this apropos ruling in today’s NYT article Court Tells U.S. to Reveal Data on Detainees at Guantánamo by William Glaberson:

 

A federal appeals court ordered the government yesterday to turn over virtually all its information on Guantánamo detainees who are challenging their detention, rejecting an effort by the Justice Department to limit disclosures and setting the stage for new legal battles over the government’s reasons for holding the men indefinitely.

The ruling, which came in one of the main court cases dealing with the fate of the detainees, effectively set the ground rules for scores of cases by detainees challenging the actions of Pentagon tribunals that decide whether terror suspects should be held as enemy combatants.

It was the latest of a series of stinging legal challenges to the administration’s detention policies that have amplified pressure on the Bush administration to find some alternative to Guantánamo, where about 360 men are now being held.

A three-judge panel of the federal appeals court in Washington unanimously rejected a government effort to limit the information it must turn over to the court and lawyers for the detainees.

 

It didn’t end there, though:

The ruling also included significant victories for the government, including a decision allowing the Pentagon to limit the subjects that the lawyers can discuss with detainees and authorizing special Pentagon teams to read the lawyers’ mail and remove unauthorized comments.

Why are these rulings often such mixed blessings? This is how New York Lawyer Wells Dixon, from the Center for Constitutional Rights, sums up the essential stalemate at the close of the article:

“Once again,” Mr. Dixon said, “we are left to rely on the government to produce all of the information that it says exists.”

Advertisements

The Internet is closed today, please check back tomorrow

June 27, 2007

Filtered! uploaded to Flickr on july 2 2006 by elishka, creative commons

Clearly I am preoccupied with issues of privacy, since it surfaces in so many of my posts. I am also worried about the concomitant efforts to censor or limit availability of the net, often in the name of a nation’s right to privacy. (Just look at Dick Cheney’s maniacal protection of his own privacy) I am talking of course not only about impending Illinois legislation requiring mandatory library Internet filtering. (Check out the Geneva Public Library spot about HB1727, it’s a nice encapsulation of the issues for anyone just hearing about it; this ILA action alert is good for further education & talking points) There is a larger issue surrounding the filtration of the Internet across entire nations, where people are “protected” from dangerous information in an effort to quell social activism. North Korea is noteworthy for how effectively news of international affairs is kept at bay, and Castro has also maintained the means to foster widespread disinformation.

Asia Pundit: internet censorship map (.pdf file of a map based on the ONI Internet Filtering Map. See also ICE:Internet Censorship Explorer for more info)

Anyone interested in global Internet filtration should check out the ONI Internet Filtering Map. Their analytical tools are unfortunately far from representative, but they attempt to reflect current states of repression through political, social, conflict/security and Internet tool controls. As you’ll see, large swaths of the world are gray, meaning no reliable data has been collected. They have far to go, but it’s promising to see that the statistical tools are currently being refined and developed.

The problem stems from large corporations, specifically Microsoft, Google and Yahoo, who are all willing to offer their services to countries, most notably China, with embedded limitations at the outset. Often the corporations argue that they are following normative business practice by adhering to local laws and customs. That argument is a black hole as far as I’m concerned, and one need only look to the morally indefensible misuse of our 14th amendment to see what I’m talking about. Meant to protect blacks recently freed from slavery, the 14th amendment has a shameful history of misuse; see this Straight Dope article which discusses how exactly the personhood argument was snuck into the Santa Clara County v. Southern Pacific Railroad Company precedent. Lest anyone think that my example is not contemporary enough, just look at Wal-Mart’s corporate personhood claim for equal protection in a court case from 2004. Or how about Nike v. Kasky, where it was argued that suing a corporation for lying infringes on its natural First Amendment protections of free speech. (Too bad the supreme court sidestepped that one)

Privacy Digest, maintained by Paul Hardwick, is a wonderful resource which compiles news stories, business precedents and impending legislation that influence privacy issues. Nate Anderson for ars technica recently reported on an Amnesty International conference that described Internet filtering as a virus, and he reasonably notes several gray areas surrounding the issue. Amnesty International is actually pro certain forms of censorship — much in the way that Sandy Berman, while advocating for updating biased language in Library of Congress catalog designations, simultaneously called for the removal of select Christian works not only from his own Hennepin County Public Library but from all libraries across the country as well. Is censorship ever warranted? If so, who is invited to the table? Often the gray area centers on hate speech, and on insuring a world where people are free from hostility — indubitably worthwhile goals that deserve reasoned consideration free from invectives or politics.  But what of the gray area surrounding corporate responsibility?  Do we let the market and government limitation decide?

I definitely hope that libraries will not remain quiet about Internet filtration, and allow by default for legislation on either a State or Federal level to control the terms of service. We must also fight efforts by our own government to limit access to information that should be in the public domain. (We do elect them for public service, after all…) We must pay attention to privacy and filtration issues globally as well, and insure that our access remains free from stop-gap measures clogging misdiagnosed holes in the Internet.

Thankfully, the Internet is here to assist us to ensure accountability on all levels, if we let it. (There’s a reason the US military is by some accounts uncomfortable with real-time military bloggers in the age of embedded journalism… Daily blogging, by the way, is a great way for vetting your thought processes; I highly recommend it. )

Rush, lyrics to “Free Will” from Permanent Waves

There are those who think that life is nothing left to chance
A host of holy horrors to direct our aimless dance.

A planet of playthings,
We dance on the strings
Of powers we cannot perceive.
“The stars aren’t aligned
Or the gods are malign”
Blame is better to give than receive.

You can choose a ready guide in some celestial voice.
If you choose not to decide, you still have made a choice.
You can choose from phantom fears and kindness that can kill
I will choose a path that’s clear
I will choose free will.

There are those who think that they were dealt a losing hand,
The cards were stacked against them
They weren’t born in lotus land.

All preordained
A prisoner in chains
A victim of venomous fate.

Kicked in the face,
You can pray for a place
In heaven’s unearthly estate.

You can choose a ready guide in some celestial voice.
If you choose not to decide, you still have made a choice.
You can choose from phantom fears and kindness that can kill
I will choose a path that’s clear
I will choose free will.

Each of us
A cell of awareness
Imperfect and incomplete.
Genetic blends
With uncertain ends
On a fortune hunt that’s far too fleet.

You can choose a ready guide in some celestial voice.
If you choose not to decide, you still have made a choice.
You can choose from phantom fears and kindness that can kill
I will choose a path that’s clear
I will choose free will.


Post #4: Data Positioning System

June 23, 2007

chkrres, uploaded to Flickr on Dec. 13 2006 by stallio 

It’s amazing how complicated it can be to locate data.  Almost as complicated is the spectrum of forms which data can take.  As a bookseller, I was often asked about helping someone find a green or a blue book, usually accompanied by a gesture meant to show just how big the book might be.  Or how about the book they heard about on NPR, maybe it starts with a P or a T, perhaps it was profiled three or four days ago, or maybe it was an Oprah book…”Do you have it?”

Figuring out what someone wants is an art, and there should be awards given out to those who are good at it.  At library school, we have classes dedicated to this art, and retailers are always interested in sending staff to seminars to perfect the art as well.  The problem is, most people aren’t really sure what they want in the first place.  “Where do you want to eat?”  “Oh, I dunno, what are you in the mood for?”  …and on and on.  But we love our modern tools of selection, and there’s a reason people respond to “you may also like…”

I can’t tell yet how accurate my observation is, but I feel that as we become more accustomed to abstract self-correcting Internet data searches, we become less focused in real world physical environments.  We rely less on our memory since it’s so easy to del.icio.us it, or save it to the flash drive, bookmark it, blog it, tumblr it….in a way our teachers’ fears about calculators writ large in our collective memory.  Where’s Guy Montag when you need him?

Content management systems continually evolve and improve, however, and with some elegant programming we can create remarkably flexible environments for locating digital data.  But what about physical artefacts, like books?  The more ways we have of ticking off our selections for areas of interest, and for sharing them, the less we will need to remember.  There are many businesses out there that will happily remember for us. 

One option for those of us in the physical world will be vertically integrated Radio Frequency Identification (RFID) technology.  At BookExpo there was a Dutch Company called BGN that held a seminar for industry professionals singing about the virtues of RFID for both information consumers and stewards.  RFID would allow a book to be located in a building no matter how grieviously mis-shelved it is, which would be a boon for book sellers and librarians alike. 

A major stumbling block to implementation is the lack of vertical integration, or recognition by producers, distributors and purchasers alike to work together toward cost-effective implementation at multiple levels.  Tesco stores are starting to use something they call “smart shelves” using RFID, Wal-Mart uses similar technology called an Electronic Product Code (EPC) to track shipments, and KSW-Microtec are developing RFID tags that can be sewn into clothing.  There’s even a website devoted to RFID investing with a cornucopia of links to almost every arm of the technology.  The pro-industry RFID Journal gives a good snapshot of the state of the technology.  None of this, however, is meant to be a glowing endorsement.

A real concern is privacy.  If RFID can be used to pinpoint an item on the shelf, what prevents it from being followed anywhere else?  This article by David Molnar and David Wagner highlights the concerns in a library environment fairly comprehensively, but the issue is much larger than that.  As mentioned in this Glenn Bischoff article on the Mobile Radio Technology website, “RFID tags are ‘remotely and secretly readable,’ a vulnerability that becomes more troubling when the public isn’t aware its personal information might be at risk, said Melissa Ngo, director of the Electronic Privacy Information Center’s Identification and Surveillance Project.”  Lee Tien, an Electronic Frontier Foundation attorney, “described RFID as a ‘very insecure’ technology that’s likely to pass along sensitive information.”

Alarmist, perhaps, and not necessarily in respect to the current limitations of the technology.  My intuition is, though, that the more freedoms we give up outright the harder it is to ask for them back at a later date.  As with every technology, every law, and every compromise between convenience and responsibility, there is a tipping point.  Where do we draw the line?

Surveillance is Fun, uploaded to Flickr on Sept 16, 2006 by eecue


The Voyeur in the Mirror

June 18, 2007

photo of stencil in Amsterdam, taken & edited by me

I stepped out this morning, as I often do, to get some espresso. Helps me focus, and I have a final paper to work on today. With a little forethought, and a little persistence, you could’ve come with me.

As I got myself ready to go outside, you could’ve trained the eye of Google Earth on my apartment. Once I started on my way to the bank, you could’ve joined me with Google Street View. Once at the ATM, you have your choice of either capturing the surveillance feed from their external security cameras, or you could ask the bank for the footage from the ATM itself.

Hello!

As I walked back to the nearest bus stop, maybe you could find me in the background of a traffic camera ticketing photo; sorry, I’m slightly blurry since I haven’t had my espresso yet. Once on the bus, I may or may not be under surveillance, as the warning so coyly suggests. That’s ok, since once I get off the bus you can find me with Google Street View again, or with one of our native Chicago surveillance cameras. Visuals are overrated anyway, so if you’re really enterprising you can find me by tracing my cell phone GPS identification. And any number of private corporations will happily supply you with my personal history if you’ve got cash money. If all else fails, tomorrow I’ll be driving; there’s that little mapping system in my car, and savvy hackers can help you pinpoint that.

As you may have heard, Time magazine said that you were the person of the year last year. Little old you. Really,though, you have a lot more influence than you think, and not necessarily in the way you want. It goes beyond levels of surveillance that are normally discussed or commonly acknowledged. This blog is watching you, actually, and I get statistics on my readers second by second. If I sign up for Google Analytics or a similar service I could get more detailed data, with practical business applications. (A recently ended program called Spyjax used to collect data on people’s browsing histories while showing them how it was being done, in order to heighten Internet user’s awareness of spyware and the like. Unfortunately he’s closed shop to save bandwidth, so no widget for me.)

Chicago contracts with many different security providers, it’s true, though we are not quite as widely watched as in London, where there’s approximately one camera per fourteen people. But then, maybe we are…

Personal data is, after all, the new black.

There was a movement after the Second World War to require the use of national identification numbers, and the government lost the fight to the will of the people. Big business was behind the push, and considering what happened in the years that followed, the people lost the fight anyway. But the truth is, we are the ones who willingly gave up the ghost.

Business began to require us to submit to them our social security numbers if we wanted to do business, which, unless we willingly provided it to them, they had no right to have access to. But we did, with little resistance. And our government was happy, because they got what they wanted through capitalism, not legislation, and in the sixties restrictions on the sale or distribution of our SS numbers, or, let’s be honest with ourselves, our national identification number, were loosened. For example, in 1961, the IRS was permitted to use the social security number for identification, one of the major stumbling blocks in initial movements toward a national ID.

I would bet you that not only your credit card company and bank have this number, but your super market, your doctor, your insurance companies, your power supply providers, your home rental agency, your car rental agency, and maybe even your Internet provider. When colleges began using using SS numbers for student identification purposes there was a large outcry, but due to the high circulation rate of students, lasting legislation or regulation is still problematic, with an estimated use today on campuses of about 50%. My undergraduate school used SS ID numbers, so it would be printed on anything mailed, presented to, or just related to me during my time there. Hardly a defense of my privacy or security.

What’s interesting to me is that when SS numbers are used so overtly in college documents there is a passionate outcry. Yet when it is a supposedly “private” transaction such as a sale of goods or services, we do not hold to the same standard of personal security. This national temperament is so obvious, if you are looking for it.

Just look at this website portal which links to reality television shows. For every show that encourages us to observe one another in an ostensibly responsible way, such as America’s Most Wanted, there are at least ten whose motives are a little more suspect (Cops, Fear Factor, Maury Pauvich, The White Rapper Show, Elimidate, I Want a Famous Face, Real World, Combat Missions, Extreme Makeover, and House Arrest. See how easy that was?) In a way it’s fun to see ourselves reflected, even if in an unflattering way, through major media outlets. The undercurrent of a modern carny sideshow is unavoidable, and perhaps even ridicule of the poor and disenfranchised. I’ve honestly never sat through a whole episode of Rikki Lake or Jerry Springer because, halfway through, I would always imagine friends of mine who are homeless, or myself (not long enough ago) when I couldn’t afford ramen, or heat for my apartment. What would I be willing to do, if it comes down to it? Honestly, though, reality TV betrays middle class values for the most part. So is it that we want to be celebrities so much that we desire to be under a similar type of scrutiny so as to feel similarly valued?

Ever heard of Za Gaman, or other Japanese game shows?

Or how about Remote Lounge in NYC. If you’ve never been there, I highly recommend it. I’m serious. It is exhilarating, adrenaline-inducing and wildly creepy. The whole bar is wired, and the idea is that if you see someone you want to meet or hook up with, just talk to them over your own little personal camera station. As though Londoners were flirting with one another using their CCTV. Here’s a bit of their take on it: “Rather than focus on the “Big Brother” association with the surveillance technology that has been co-opted and adapted to use in the lounge, CEV founders point out that their version of telepresence is used to very different ends then traditional surveillance implementations. First of all, access to the system is mutual, bilateral and consensual – nobody gets to violate anyone else’s privacy in a manner that they would not be subject to themselves. Secondly, the environment is designed to encourage exploration, experimentation and human interaction rather than to control or protect people or property.”

And it’s emblematic of where our heads are at today. The other night I trawled through some Flickr showcases, and searched for people who I haven’t spoken to for years. I didn’t find many of them, but did find about four; there they are for me to quietly watch, a voyeur of their lives today. I went to Youtube, and even found snippets of video from a 1990 talent show at my high school, a talent show I was in! (Sadly the bit with me in a plastic pink skirt playing bongos and singing with my friends about Queen Liliuokalani wasn’t on there.) Pixelated ghosts beckon and beguile me through the ether like my own personalized Videodrome.

The thing is, however disturbing some of this is to me, I am equally awestruck, and humbled by the direction we have taken. There are extremely positive aspects to it, largely in the realm of accountability. Joe Biden, Michael Richards, Don Imus and the like had better be careful. If only we can keep reporters from being embedded with the military and get back to honest reporting… But then, with blogs such as Baghdad Burning, A Star from Mosul, and other amazing front-line blogging of so many people telling real stories and looking for loved ones, maybe we can move away from sponsored reporting. As with many double edged swords, the process can be one of promise and opportunity, so long as we do not abdicate responsibility, and quietly give up the ghost.

Dziga Vertov, from The Man with the Movie Camera

“It called forth nearly all the constituent powers of the century. It revealed the century as it liked to relax when wearing none of its masks.”

Ok, Giedion is talking about patent furniture, but it sounds like the Internet to me. I won’t give up on it for anything, though, and I will fight like Voltaire for it to remain unfiltered. The possibilities are just too great, and if we let it get delimited by force or by censure, only the military and outlaws will be able to take advantage of it.