Tag Archives: surveillance

Some good articles on surveillance

Leave a reply

There are a number of very good articles floating around as the NSA debacle begins to sink in. Two in particular come to mind, the first is a great long read, the second and third are just about the range of implications that will emerge over time of living in a surveillance state that continues to have many functioning democratic institutions:

The Ecuadorian Library

Lawyers eye NSA data as treasure trove for evidence in murder, divorce cases

It’s time Google came to grips with how it enables the surveillance state

Again, as outraged as Americans may be, we non-american have already had to come to grips with the fact that a drone strike can be called against us any time, any where, with no judicial oversight. And now we are coming to grips with the fact that the US government is monitoring everything we do online and building the capacity to store it, indefinitely.

I don’t think America has really grasped how far it has fallen from the “shining city upon a hill whose beacon light guides freedom-loving people everywhere.” This isn’t to say any one thinks that other players are better, but America sold the world not on a relative debate (hey, we’re better than the Russians) but on the promise of an ideal.

More on all of this on Tuesday but wanted to share the reads.

Citizen Surveillance and the Coming Challenge for Public Institutions

Leave a reply

The other day I stumbled over this intriguing article which describes how a group of residents in Vancouver have started to surveille the police as they do their work in the downtown eastside, one of the poorest and toughest neighborhoods in Canada. The reason is simple. Many people – particularly those who are marginalized and most vulnerable – simply do not trust the police. The interview with the founder of Vancouver Cop Watch probably sums it up best:

“One of the complaints we have about District 2 is about how the Vancouver police were arresting people and taking them off to other areas and beating them up instead of taking them to a jail,” Allan told the Georgia Straight in a phone interview. “So what we do is that, when in the Downtown Eastside, whenever we see the police arresting someone, we follow behind them to make sure that the person makes it to the jail.”

In a world where many feel it is hard to hold accountable government in general and police forces specifically, finding alternative means of creating such accountability will be deeply alluring. And people no longer need the funding and coordination of organizations like Witness (which initially focused on getting videocameras into peoples hands in an effort to prevent human rights abuses). Digital video cameras and smart phones coupled with services like youtube now provide this infrastructure for virtually nothing.

This is the surveillance society – predicted and written about by authors like David Brin – and it is driven as much by us, the citizens, as it is by government.

Vancouver Cop Watch is not the first example of this type of activity – I’ve read about people doing this across the United States. What is fascinating is watching the state try to resist and fail miserably. In the US the police have lost key battles in the courts. This after the police arrested people filming them even when while on their own property. And despite the ruling people continue to be arrested for filming the police – a choice I suspect diminishes public confidence in the police and the state.

And it is not just the police getting filmed. Transit workers in Toronto have taken a beating of late as they are filmed asleep on the job. Similarly, a scared passenger filmed an Ottawa bus driver who was aggressive and swearing at an apologizing mentally ill passenger. A few years ago the public in Montreal was outraged as city crews were filmed repairing few potholes and taking long breaks.

The simple fact is, if you are a front line worker – in either the private, but especially, the public sector – there is a good chance that at some point in your career you’re going to be filmed. And even when you are not being filmed, more data is going to be collected about what you do and how you do it.

Part of this reality is that it is going to require a new level of training for front line workers, this will be particularly hard on the police, but they should expect more stories like this one.

I also suspect there will be two reactions to it. Some government services will clam up and try to become more opaque, fearing all public inquiry. Their citizens – armed with cameras – all become potential threats. Over time, it is hard not imagining their legitimacy becoming further and further eroded (I’m thinking of you RCMP) as a video here, and audio clip there, shapes the publics image of the organization. Others will realize that anecdotal and chance views of their operations represents a real risk to their image. Consequently they may strive to be more transparent – sharing more data about their operations and their processes – in an effort to provide the public with greater context. The goal here will be to provide a counter point to any unfortunate incidents, trying to make a single negative anecdotal data point that happened to be filmed part of a larger complex number of data points.

Obviously, I have strong suspicions regarding which strategy will work, and which one won’t, in a democratic society but am confident many will disagree.

Either way, these challenges are going to require adaptation strategies and it won’t be easy for public institutions adverse to both negative publicity and transparency.

The Surveillance State – No Warrant Required

9 Replies

Yesterday a number of police organizations came out in support of bill C-30 – the online surveillance bill proposed by Minister Vic Toews. You can read the Vancouver Police Department’s full press release here – I’m referencing theirs not because it is particularly good or bad, but simply because it is my home town.

For those short on time, the very last statement, at the bottom of the post, is by far the worst and is something every Canadian should know. The authors of these press releases would have been wise to read Michael Geist’s blog posts from yesterday before publishing. Geist’s analysis shows that, at best, the police are misinformed, at worst, they are misleading the public.

So let’s look at some of the details of the press release that are misleading:

Today I speak to you as the Deputy Chief of the VPD’s Investigation Division, but also as a member of the Canadian Association of Chiefs of Police, and I’m pleased to be joined by Tom Stamatakis, President of both the Vancouver Police Union and Canadian Police Association.
The Canadian Association of Chiefs of Police (CACP) is asking Canadians to consider the views of law enforcement as they debate what we refer to as “lawful access,” or Bill C-30 – “An Act to enact the Investigating and Preventing Criminal Electronic Communications Act and to amend the Criminal Code and other Acts.”
This Bill was introduced by government last week and it has generated much controversy. There is no doubt that the Bill is complex and the technology it refers to can be complex as well.
I would, however, like to try to provide some understanding of the Bill from a police perspective. We believe new legislation will:
  • assist police with the necessary tools to investigate crimes while balancing, if not strengthening, the privacy rights for Canadians through the addition of oversight not currently in place

So first bullet point, first problem. While it is true the bill brings in some new process, to say it strengthens privacy rights is misleading. It has become easier, not harder, to gain access to people’s personal data. Before, when the police requested personal information from internet service providers (ISPs) the ISPs could say no. Now, we don’t even have that. Worse, the bill apparently puts a gag on order on these warrantless demands, so you can’t even find out if a government agency has requested information about you.

  • help law enforcement investigate and apprehend those who are involved in criminal activity while using new technologies to avoid apprehension due to outdated laws and technology
  • allow for timely and consistent access to basic information to assist in investigations of criminal activity and other police duties in serving the public (i.e. suicide prevention, notifying next of kin, etc.)

This, sadly, is a misleading statement. As Michael Geist notes in his blog post today “The mandatory disclosure of subscriber information without a warrant has been the hot button issue in Bill C-30, yet it too is subject to unknown regulations. These regulations include the time or deadline for providing the subscriber information (Bill C-30 does not set a time limit)…”

In other words, for the police to say the bill will get timely access to basic information – particularly timely enough to prevent a suicide, which would have to be virtually real time access – is flat out wrong. The bill makes no such promise.

Moreover, this underlying justification is itself fairly ridiculous while the opportunities for abuse are not trivial. It is interesting that none of the examples have anything to do with preventing crime. Suicides are tragic, but do not pose a risk to society. And speedily notifying next of kin is hardly such an urgent issue that it justifies warrantless access to Canadians private information. These examples speak volumes about the strength of their case.

Finally, it is worth noting that while the Police (and the Minister) refer to this as “basic” information, the judiciary disagrees. Earlier this month the Saskatchewan Court of Appeal concluded in R v Trapp, 2011 SKCA 143 that an individual has a reasonable expectation of privacy in the IP address assigned to him or her by an internet service provider, a point which appeared not to have been considered previously by an appellate court in Canada

The global internet, cellular phones and social media have all been widely adopted and enjoyed by Canadians, young and old. Many of us have been affected by computer viruses, spam and increasingly, bank or credit card fraud.

This is just ridiculous and is designed to do nothing more than play on Canadians fears. I mean spam? Really? Google Mail has virtually eliminated spam for its users. No government surveillance infrastructure was required. Moreover, it is very, very hard to see how the surveillance bill will help with any of the problems cited about – viruses, spam or bank fraud.

Okay skipping ahead (again you can read the full press release here)

2. Secondly, the matter of basic subscriber information is particularly sensitive.
The information which companies would be compelled to release would be: name, address, phone number, email address, internet protocol address, and the name of the service provider to police who are in the lawful execution of their duties.
Actually to claim that these are going to police who are in the lawful execution of their duties is also misleading. This data would be made available to police who, at best, believe they are in the lawful execution of their duties. This is precisely why we have warrants so that an independent judiciary can assess whether or not the police are actually engaged in the lawful execution of their duties. Strip away that check and there will be abuses. Indeed, the Sun Newspaper phone hacking scandal in the UK serves as a perfect example of the type of abuse that is possible. In this case police officers were able to access “under extraordinary circumstances” without a warrant or oversight, the names and phone numbers of people whose phones they wanted to, or had already, hacked.
While this information is important to police in all types of investigations, it can be critical in cases where it is urgent that police locate a caller or originator of information that reasonably causes the police to suspect that someone’s safety is at risk.
Without this information the police may not be able to quickly locate and help the person who was in trouble or being victimized.
An example would be a message over the internet indicating someone was contemplating suicide where all we had was an email address.
Again, see above. The bill does not stipulate any timelines around sharing this data. This statement is designed to lead readers to believe readers that the bill will grant necessary and instant access so that a situation could be defused in the moment. The bill does nothing of the sort.
Currently, there is no audited process for law enforcement to gain access to basic subscriber information. In some cases, internet service providers (ISPs) provide the information to police voluntarily — others will not, or often there are lengthy delays. The problem is that there is no consistency in providing this information to police nationally.

This, thankfully is a sensible statement.

3. Lastly, and one of the most important things to remember, this bill does NOT allow the police to monitor emails, phone calls or internet surfing at will without a warrant, as has been implied or explicitly stated.
There is no doubt that those who are against the legislation want you to believe that it does. I have read the Bill and I cannot find that anywhere in it. There are no changes in this area from the current legislation.

This is the worst part of the press release as it is definitely not true. See Michael Geist’s – the Ottawa professor most on top of this story – blog post from yesterday, which was written before this press release went out. According to Geist, there is a provision in the law that “…opens the door to police approaching ISPs and asking them to retain data on specified subscribers or to turn over any subscriber information – including emails or web surfing activities – without a warrant. ISPs can refuse, but this provision is designed to remove any legal concerns the ISP might have in doing so, since it grants full criminal and civil immunity for the disclosures.” In other words the Police can conduct warantless surveillance. It just requires the permission of the ISPs. This flat out contradicts the press release.

 

What I'm Digesting: Good Reads from the First Week of January

1 Reply

Government Procurement is Broken: Example #5,294,702 or “The Government’s $200,000 Useless Android Application” by Rich Jones

This post is actually a few months old, but I stumbled on it again the other day and could help but laugh and cry at the same time. Written by a freelance computer developer, the post traces the discovery of a simply iphone/android app the government paid $200,000 to develop that is both unusable from a user interface perspective and does not actually work.

It’s a classic example of how government procurement is deeply, deeply broken (a subject I promise to write more about soon). Many governments – and the bigger they are, the worse it gets – are incapable of spending small sums of money. Any project, in order to work in their system, must be of a minimum size, and so everything scales up. Indeed simply things are encouraged to become more expensive so that the system can process them. There is another wonderful (by which I mean terrifying) example of this in one of the first couple of chapter of Open Government.

How Governments Try to Block Tor by Roger Dingledine

For those who don’t know what Tor is, it’s “free software and an open network that helps you defend against a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationships, and state security known as traffic analysis.” Basically, if you are someone who doesn’t want anyone – particularly the government – seeing what websites you visit, you need Tor. I don’t think I need to say how essential this service is, if say, you live China, Iran or Syria or obviously Egypt, Libya, Tunisia or any of the other states still convulsing from the Arab Spring.

The hour and 10 minute long speech is a rip roaring romp through the world of government surveillance. It’s scary than you want to know and very, very real. People die. It’s not pretty but it is incredible. For those of you not technically inclined, don’t be afraid, there is techno-babble you won’t understand but don’t worry, it won’t diminish the experience.

The Coming War on General Computation by Cory Doctorow

Another video, also from the Chaos Communication Conference in Berlin (how did I not know about this conference? pretty much everything I’ve seen out of it has been phenomenal – big congrats to the organizers).

This video is Cory Doctorow basically giving everybody in the Tech World a solid reality check the state of politics and technology. If you are a policy wonk who cares about freedom of choice, industrial policy, copyright, the economy or individual liberty, this strikes video is a must view.

For those who don’t know Cory Doctorow (go follow him on Twitter right now) he is the guy who made Minister Moore look like a complete idiot on copyright reform (I also captured their twitter debate here).

Sadly, the lunacy of the copyright bill is only going to be the beginning of our problems. Watch it here:

Social Media and Rioters

10 Replies

My friend Alexandra Samuel penned a piece titled “After a Loss in Vancouver, Troubling Signals of Citizen Surveillance” over at the Harvard Business Review. The piece highlights her concern with the number of people willing to engage in citizen surveillance.

As she states:

It’s one thing to take pictures as part of the process of telling your story, or as part of your (paid or unpaid) work as a citizen journalist. It’s another thing entirely to take and post pictures and videos with the explicit intention of identifying illegal (or potentially illegal) activity. At that moment you are no longer engaging in citizen journalism; you’re engaging in citizen surveillance.

And I don’t think we want to live in a society that turns social media into a form of crowdsourced surveillance. When social media users embrace Twitter, Facebook, YouTube and blogs as channels for curating, identifying and pursuing criminals, that is exactly what they are moving toward.

I encourage you to read the piece, and, I’m not sure I agree with much of it on two levels.

First, I want to steer away from good versus bad and right versus wrong. Social Media isn’t going to create only good outcomes, or only bad outcomes, it is going to create both (something I know Alex acknowledges). This technology will, like previous technologies, reset what normal means. In the new world we are becoming more powerful “sensors” in our society. We can enable others to know what, good and bad, is going on around us. To believe that we won’t share, and that others won’t use our shared information to inform their decisions, is simply not logical. As dBarefoot points out in the comments there are lots of social good that can come for surveillance. In the end you can’t post videos of human right injustices without also being able to post videos of people at abortion clinics, you can’t post videos of officials taking bribes without also being able to post videos of people smoking drugs at a party. The alternative, a society where people are not permitted to share, strikes me as even more dangerous than a society where we can share but where one element of that sharing ends up being used as surveillance. My suspicion is that we may end up regulating some use – there will be some things people cannot share online (visiting abortion clinics may end up being one of those) but I’m not confident of even this.

But I suspect that in a few decades my children will be stunned that I grew up in a world of no mutual surveillance. That we tolerated the risks of a world where mutual surveillance didn’t exist – they may wonder at a basic level, how we felt safe at night or in certain circumstances (I really recommend David Brin’s Science Fiction writing, especially Earth in which he explores this idea). I can also imagine they will find the idea of total anonymity and having an untraceable past to both eerie, frightening and intriguing. In their world, having grown up with social media will be different, some of the things we feel are bad, they will like, and vice versa.

Another issues missing from Alex’s piece is the role of the state. It is one thing for people to post pictures of each other, it is another about how, and if, the state does the same. As many tweeters stated – this isn’t 1994 (the last time there were riots in Vancouver). Social media is going to do is make the enforcement of law a much and the role of the state a much trickier subject. Ultimately, they cannot ignore photos of rioters engaged in illegal acts. So the question isn’t so much on what we are going to share, it is about what we should allow the state to do, and not to do, with the information we create. The state’s monopoly on violence gives it a unique role, one that will need to be managed carefully. This monopoly, combined with a world of perfect (or at least, a lot more) information will I imagine necessitate a state and justice system that that looks very, very different than the one we have right now if we are to protect of civil liberties as we presently understand them. (I suspect I’ll be writing some more about this)

But I think the place where I disagree the most with Alex is in the last paragraph:

What social media is for — or what it can be for, if we use it to its fullest potential — is to create community. And there is nothing that will erode community faster, both online and off, than creating a society of mutual surveillance.

Here, Alex confuses the society she’d like to live in with what social media enables. I see nothing to suggest that mutual surveillance will erode community, indeed, I think it already has demonstrated that it does the opposite. Mutual surveillance fosters lots of communities – from communities that track human rights abuses, to communities that track abortion providers to communities that track disabled parking violators. Surveillance builds communities, it may be that, in many cases, those communities pursue the marginalization of another community or termination of a specific behaviour, but that does not make them any less a part of our society’s fabric. It may not create communities everyone likes, but it can create community. What matters here is not if we can monitor one another, but what ends up happening with the information we generate, and why I think we’ll want to think hard about what we allow the state to do and to permit others to do, more and more carefully.