January 9th, 2014
James Bridle on How Britain exported next-generation surveillance. Good, but depressing.
As is often the case when it comes to governments and surveillance technologies, the problem isn't so much the technology itself as it is a reluctance on the part of officials to explain how the data gathered is being used, beyond a bland assertion that all relevant laws and guidelines are being followed. Plus, of course, mission creep on every possible front.
January 5th, 2014
Los Angeles Times reporter David Lazarus, prompted by a tip-off from a reader, tried registering with a UPS service that offered more control over parcel delivery schedules and found that UPS already knew quite a bit about him and his family:
In my case, UPS wanted me to name the city I'd formerly lived in. San Francisco, where I resided before moving back to Los Angeles, was on the list.
The next one was a trick question. It asked me to name the street I'd once lived on or "none of the above." The answer was "none of the above."
The third question asked me to name the city I'd never lived in. The list included three Connecticut cities I'd never visited and the one where I was born. Since you could pick only one answer, I picked "all of the above."
The UPS site then said it would need more information to verify my identity and asked for my birth date. Maybe this was just a glitch. Or maybe it was a sneaky way to get me to cough up this most important of data points.
I provided my birth date and was presented with a trio of much more specific questions. The first asked the month that my wife was born, and it included both the correct month and her full name.
The second one again identified San Francisco as my former home. The third question included the street in San Francisco that I lived on.
Like Miller, I was completely creeped out.
I'm not sure what's creepier about this: the notion that data mining lets companies know this much about potential customers, or the idea that they might have gathered incorrect information and there's no practical way for me to correct it because I don't know where they got it from.
[Via RISKS Digest Vol. 27, Iss. 65]
December 1st, 2013
Jonas Lund's Gallery Analytics brings WiFi-based tracking to the cultural sector:
Lund's Gallery Analytics project is a site-specific installation for exhibitions that's able to generate data about behavior of visitors and present this data in a Google Analytics-like environment. By setting up a mesh Wi-Fi network and combining it with custom-made software, Gallery Analytics is able to track every Wi-Fi-enabled device (such as a smartphone) moving around in the area in real-time. [...]
I can see how with a long-term exhibit you might want to tinker with the layout if analysis reveals that visitors are tending to overlook a particular piece, or perhaps even to swap out a piece that people aren't paying attention to for something that might attract more interest, but if you have a short-term exhibit will you accumulate enough data to draw firm conclusions about what is and isn't working before it moves on? Also, if you're a museum that hosts visits by groups you might find that a group of students being led through on a tour of your exhibits will end up distorting your stats a bit. What you really need is a real-life equivalent of the Referrer field to help you distinguish between a group being led around and individual, self-directed visitors.
All in all, this could be a heck of a tool for museum and gallery operators, so long as they don't go nuts and start assuming that the data is the whole story.
Now, for extra credit, consider your local shopping mall or town centre doing all of the above. Is that better, or worse, or no different? Please justify your answer.
[Via Extenuating Circumstances]
October 25th, 2013
Giles Turnbull imagines a gathering of serious, grey haired gentlemen taking place somewhere in central London the other day:
GERMANY: Our Chancellor will phone the American President and demand an apology.
SPAIN: Yes, she should do that.
ITALY: We will send a letter of protest. We don't want them listening in to our President's calls too.
DENMARK: If they even think about spying on us, there will be trouble.
FRANCE: We have begun our protest already. Our President telephoned the Americans after breakfast yesterday.
UNITED KINGDOM: Actually I think it was nearer to lunchtime – so I gather.
FRANCE: How would you know that?
UNITED KINGDOM: I think perhaps your man mentioned it to our man. You know, just idle chit chat. Anyway, what shall we do about this Obama fellow, eh? We need to speak with one voice – all of Europe, standing up to American threats. [...]
And that last line is where he lost me. The only thing the British government are objecting to is the notion that there's something wrong with the NSA and GCHQ hoovering up as much data as humanly possible with as little meaningful oversight as possible.
October 25th, 2013
Nicholas Carr contemplates the Quantified Self movement and wonders whether the same technologies are going to be adapted to bring us what I'd prefer to call the Quantified Employee:
Some companies are outfitting employees with wearable computers and other self-tracking gadgets in order to "gather subtle data about how they move and act – and then use that information to help them do their jobs better." There is, for example, the Hitachi Business Microscope, which office workers wear on a lanyard around their neck. "The device is packed with sensors that monitor things like how workers move and speak, as well as environmental factors like light and temperature. So, it can track where workers travel in an office, and recognize whom they're talking to by communicating with other people's badges. It can also measure how well they're talking to them – by recording things like how often they make hand gestures and nod, and the energy level in their voice."
It's the euphemisms that get to me. In the hands of the unimaginative and the insecure, "Use that information to help them do their jobs better," will turn into "I don't trust you further than I could throw you, so you are now required to account for every five minute block of time you spend away from your desk. And for the quality of your hand gestures."
August 22nd, 2013
August 21st, 2013
Novelist and former MP Louise Mensch, demonstrating her deep understanding of how digital technology works:
She probably thinks the Guardian no longer has access to the files on that laptop too.
Actually, cancel that. I'm sure she's perfectly well aware that digital data can be – and in this case, was – backed up. To my mind, she's just doing her bit to help the government to deflect the focus of the discussion away from the Guardian's story and the doings of the surveillance state and on to the government's preferred law-and-order/keeping-us-safe-from-terrorists/nothing-to-hide, nothing-to-fear agenda.
[Via Charlie's Diary]
June 10th, 2013
Kieran Healy on Using Metadata to find Paul Revere:
I have been asked by my superiors to give a brief demonstration of the surprising effectiveness of even the simplest techniques of the new-fangled Social Networke Analysis in the pursuit of those who would seek to undermine the liberty enjoyed by His Majesty's subjects. This is in connection with the discussion of the role of "metadata" in certain recent events and the assurances of various respectable parties that the government was merely "sifting through this so-called metadata" and that the "information acquired does not include the content of any communications". I will show how we can use this "metadata" to find key persons involved in terrorist groups operating within the Colonies at the present time. I shall also endeavour to show how these methods work in what might be called a relational manner. [...]
[Via Crooked Timber]
June 9th, 2013
The most interesting thing about this exploration of how much a German phone company knew about the movements of one particular politician is that it's really just scratching the surface:
Green party politician Malte Spitz sued to have German telecoms giant Deutsche Telekom hand over six months of his phone data that he then made available to ZEIT ONLINE. We combined this geolocation data with information relating to his life as a politician, such as Twitter feeds, blog entries and websites, all of which is all freely available on the internet. [...]
Don't get me wrong: the animated map and correlation of the location data with blog entries and tweets to account for what Spitz was up to on a given day in a given place is neatly done, but it's hardly news that having your mobile phone on you allows the phone company to know roughly where your phone is.
The fun bit is the data mining and cross-matching of data. Throw in the sort of information every self-respecting law enforcement agency is itching to get access to, about what phone numbers you called, who you emailed and what web sites you accessed and it's relatively straightforward to build up a picture of what you're doing, where you're doing it and, who you're doing it with and – crucially – whether you're deviating from your normal pattern of activity.
Imagine a world where we didn't have the internet and mobile phones to make collecting all this data easy and painless. Now imagine the government in that wireless-free world announcing that it would start gathering this sort of information by having a civil servant follow you around, listening to your conversations with people and monitoring what books and magazines you read and taking notes as you go. I think it's fair to say that there would be hell to pay.
Why should governments have an easier time of it just because they can have Internet Service Providers and telecoms companies do the surveillance for them?
July 14th, 2012
Olympic Mascots Wenlock Policeman Figurine: Amazon.co.uk: Toys & Games:
- Hello, I'm Wenlock! Don't I look smart in my police officer's uniform?
- I have the important job of protecting you on your journey to the London 2012 Games.
- Take this figurine on a journey to the London 2012 Olympic Games – we can have lots of fun together! [...]
The customer reviews are all you'd expect and more…
[Via Charlie Stross, commenting at Making Light]
February 2nd, 2012
The very definition of irony.
[Via Memex 1.1]
August 15th, 2009
There's caring about the Eurovision Song Contest, and then there's this:
Rovshan Nasirli, a young Eurovision fan living in the Azerbaijani capital Baku, says he was summoned this week to the country's National Security Ministry — to explain why he had voted for Armenia during this year's competition in May.
"They wanted an explanation for why I voted for Armenia. They said it was a matter of national security," Nasirli said. "They were trying to put psychological pressure on me, saying things like, 'You have no sense of ethnic pride. How come you voted for Armenia?' They made me write out an explanation, and then they let me go."
Don't anyone go giving Andrew Lloyd Webber ideas…
[Via A Fistful Of Euros, via No Rock and Roll Fun]
April 12th, 2009
Statebook: what do you want to know about $CITIZEN now?
[Via Open Rights Group]
September 15th, 2008
Henry Porter reminds us not to blindly trust the promises of politicians:
Police officers keep on insisting that [powers of surveillance] will not be abused, but revelations made by another FOI request last week show that the police use surveillance techniques to bully and harass citizens. In Wales, a team of 11 officers took part in a surveillance operation against a 49-year-old police dog handler who claimed he was suffering from depression, a fact established by the Police Medical Appeal Board. Officers from two forces watched his home for months and filmed him at a cost of Â£100,000.
But remember, folks: if you've nothing to hide then you've nothing to worry about.
May 27th, 2008
Further to the previous post, it looks as if having your PDA confiscated could become a commonplace occurrence if the RIAA get their way:
A TOP-SECRET DEAL being ironed out by G8 nations will give the Music and film industry a state-paid force of copyright cops with the same powers of customs officials.
The copyright police can seize your mp3 player or laptop to see if it contains pirated content and can order ISPs to turn over personal data without the need for proof.
G8 members, at the request of those wonderful examples of humanity at the RIAA, are agreeing to turn tax-payer paid customs officers into boot boys for the record and music business.
The Anti-Counterfeiting Trade Agreement (ACTA), will be discussed at the next G8 meeting in Tokyo, in July. [...]
Just one small, practical question: if I hand my iPod over to a customs officer, how exactly will he or she be able to tell which tracks I downloaded from iTunes and which ones I ripped from my CD collection? On my (fairly old) iPod, there's no way to tell at a glance, since the software doesn't visibly distinguish between AACs and MP3s. There is a 'Purchased' playlist, but that only shows files purchased on my current Mac; it doesn't pick up purchases made on my previous Mac and transferred over to this one. Will I be OK as long as I refrain from setting up a playlist called 'Illegal copies', or do I have to start carrying copies of my invoice emails from iTunes around with me if I want to leave the country?
[Via Memex 1.1]
May 25th, 2008
Do you feel safer?
A masters student researching terrorist tactics who was arrested and detained for six days after his university informed police about al-Qaida-related material he downloaded has spoken of the "psychological torture" he endured in custody.
Despite his Nottingham University supervisors insisting the materials were directly relevant to his research, Rizwaan Sabir, 22, was held for nearly a week under the Terrorism Act, accused of downloading the materials for illegal use. The student had obtained a copy of the al-Qaida training manual from a US government website for his research into terrorist tactics.
My favourite part of the story comes later, when a university spokesperson, explaining that it was perfectly reasonable to report the downloading of the document to the police, observed that "there is an expectation that you will act sensibly within current UK law." It's a shame we can't expect the same of the authorities.
[Via Progressive Gold]
April 22nd, 2008
Needless to say, this arrangement is justified using the magic phrase "anti-terrorism":
THE UK Home Secretary secretively signed a "special certificate" last year that gives foreign security agencies real-time access to traffic camera images and related data monitoring British motorists on highways throughout the UK.
Under the authorisation signed last July 4 by Jacqui Smith, video feeds and still images captured from roadside TV cameras, along with personal data derived from them, can be transmitted out of the UK to countries such as the US, that are outside the European Economic Area.
Not just images of traffic, but 'personal data' derived from them? I wonder how far that goes. The name of the vehicle's registered keeper? Their address? National Insurance number? Police record? DNA information? It all depends upon how elastic the term 'derived from' proves to be in practice.
An anonymous Home Office spokesperson commented:
"We would like to reassure the public that robust controls have been put in place to control and safeguard access to, and use of, the information."
Not to worry, then.