Privacy

See Orin Kerr's take on the Volokh Conspiracy.  One of the reasons I've been so quiet lately is that I'm spending a lot of time working on something that will fix this.

Of course, some would argue that we don't have any 4th Amendment protection left in our homes, either.

In addition to police-monitored cameras all over the country, the government of Britain has decided to track every single user's internet usage.  Data will be retained for a year and can be accessed without a warrant, simply by obtaining the authorization of a senior police officer or deputy head of department.  Over 600 different government agencies will have access to this information, including police, local councils, and tax authorities.

Sigh.  The death of privacy is complete.

AT&T's new GPS tracking service "FamilyMap" is just waiting for the government to start writing warrants.  Assuming that they bother writing warrants anymore; the latest fad under the Patriot Act is to demand business records without a warrant using a National Security Letter.  Once AT&T is tracking your location as a business service, the records are just normal business records like any other... and your movements are subject to government scrutiny.

Orin has an interesting discussion over at the Volokh Conspiracy about applying wiretapping rules on the Internet.  My contribution to the discussion is below.

Orin,

You have a bit of a problem in that it's not readily practical to access message header information without also accessing content information. Technically, there are three portions of a typical internet mail message:

1) The envelope information (typically exchanged as part of the SMTP protocol prior to content delivery and usually duplicated in the message headers)

2) The header information (information about the message intended to be read and processed by machines; this includes the subject line, information about when the message was written, where responses should be sent, and what type of content the message contains, etc)

3) The message body information (entered by the user directly, and displayed to the receipient; usually text paragraphs but also attached files and so on).

The problem is that both 2 and 3 reside in the same file when messages are stored in (standard) RFC822 format. To preserve access to 2 for law enforcement, you have to obtain access to the message content as well. This would normally involve looking on the user's computer, seizing it, since the ISP normally does not keep either parts 2 or 3 of the message once the user has retrieved it.

If you truly want only address information, then you only want the information in 1. That information is stored in SMTP logfiles and can probably be provided by the ISP without invading the user's home or setting up an ongoing monitoring process, simply by examining their existing log data. The burden to everyone involved is much lower, and the analogy to a pen trace on a telephone line (which, as I understand it, provides who-called-who data but no access to the content of the call) is clearer.

Bruce Schneier has some interesting thoughts. 

Some of the comments on Orin's original post have also brought up the fact that the content/addressing distinction is dependent on which network layer you look at.  If you are looking at the TCP/IP level, almost everything is content... however, for practical purposes, the number of criminals inventing their own network protocols or email applications in order to hide their activities is probably small and not useful for formulating general rules.

... look upon our future and despair:

Maybe Redding was a bad kid with a track record of disciplinary problems?  Well, no, she wasn?t.  In fact, before the strip search [for prescription-strength ibuprofen - ed], she had no record of disciplinary problems at all.  When her lawyers pointed this out in court documents, the district acknowledged the lack of a disciplinary record, but said that the inference should have been that she?d just been masterful at avoiding getting caught. They also defended themselves by claiming to have heard rumors that Redding had drunk alcohol at a party, but the court documents show that the person starting the rumor hadn?t attended the event.

This is the result of rule by bureaucrat. When misbehavior by government officials has no consequences, misbehavior becomes the norm.  And horrors like this are visited anywhere their writ extends.

It also sounds pretty benign, even useful. But unlike Weires, I'm a technology guy -- and I have a very acute sense of how seemingly harmless new technologies have a tendency to metastasize into something far nastier and, usually, end up invading our privacy or diminishing our freedoms. And, perhaps due to my own driving history, the story of Weires and his black box had sirens going off in my head.

Think of the worst possible scenarios, and whatever you come up with has a good chance of happening. For example, you know those random checkpoint stops that the police set up every year around the holidays to catch drunks. I've never been a big fan of them, mostly for civil liberties reasons, but like most people I endure this little inconvenience for the perceived larger good.

But what about a checkpoint where the cop walks up, plugs his laptop into your car and then tickets you for going over the speed limit three times last week? Put up some "smart" speed signs that send out signals to your car's black box and it would be simple to make the comparison. Like that one?

Even simpler to hook the black box up to a GPS receiver that the car probably already has. 

You may have heard of the TSA's new insta-porn device, which bounces low-energy x-rays off of your skin when you go through airport screening, producing an image of your body that looks remarkably like... a very detailed (but somewhat ghostlike and bluish) naked human body.   For a while now they've been trying to calm the objections by insisting that the images will have the sensitive areas of the image, breasts and genitals, blurred, plus using same-gender screeners to look at the images. 

However, now that they are actually deploying the system for a live trial, they admit that the images are not blurred.  Oh, and those separate screeners?  They will rely on human signals from other TSA agents to determine the gender of the person being screened.  I wonder how long it will take before no one bothers to signal for gender?

But it's OK, says the TSA.  The screeners won't be allowed to take cameras or cell phones into the screening booth.  How long will that rule last in an agency that can't keep even a single employee from stealing over a quarter-million dollars from luggage?  Including a $47,000 camera?

If they can get a professional-grade TV camera out of the secure area, they can get a cell phone camera in.

Oh, and the screeners will be watching the machine in a private booth, where you won't be able to see or object to their inevitable antics.

I wonder how much you could get on ebay for skin-radar pictures of a naked Angelina Jolie, for example?  I'm sure we'll find out soon enough.

I've posted (or at least thought about posting; I can't be bothered to actually find the post) about a welcome mat with the words "Come back with a warrant" on it.  As someone who values my own rights and privacy, that would be my natural and instinctive response to a police officer making inquiries about a search of my home -- because consenting to a search when you are under suspicion is never a good idea.

But Patterico, who actually works as a prosecutor in California in addition to blogging, thinks such a welcome mat would constitute probable cause for a warrant in and of itself.

That's why I'm a Libertarian, not a Republican.  Asserting one's constitutional rights should never be grounds for suspicion.  If the government didn't have probable cause for a search before being denied permission, the fact that it was denied doesn't give any additional evidentiary weight in favor of a warrant. 

To disregard this is to render Constitutional rights meaningless.  If any refusal can be considered evidence for a compulsory search, then there is no right to refuse a search.

It seems the press is pounding the streets with the story that the NSA is evesdropping on Americans.  Again.  Several bloggers have already pegged this story as being quite similar to one that dropped a few months ago, related to the NSA evesdropping on international calls to or from Al Qaeda members.  Others have explained the legal arguments used to convince judges it's legal.  Lots of panties are bunched. 

Those of you who have been reading this site for some time will not be surprised that I oppose such monitoring.  That we are at war with a terrorist organization does not materially change that fact; blanket surveillance is wrong regardless of justification.  I'm perfectly OK with evesdropping on conversations with terrorists so long as the letter of the law, including the Constitution, is followed; but blanket surveillance of Americans without probable cause is wrong.  So, sure, I don't like what the NSA is doing.

I just don't see why it's suddenly news, at least without the sudden intervention of political expediency.  You see, the NSA has been doing this for a long, long, long time.  I first learned about it under the Clinton administration.  I doubt it started there, or with Bush I before him.  There's an article on the subject from 1988.  It is the NSA's job to conduct traffic analysis and broad-scale surveillance, and the legal justifications to get around Constitutional limits were different then but the capabilities probably are not -- except that national technical means, as author Tom Clancy euphemized, have probably advanced significantly.

You'd think the reporters acting so outraged about this hadn't ever realized our intelligence apparatus had this capability.  Maybe they hadn't.  Ignorance or malice?  It's hardly a new question to be asking about the news media these days, and that's just sad.

So why aren't I worked up about it?  I recognize that nothing has really changed.  Sure, I'd like surveillance programs like this to be shut down.  Unfortunately I'm convinced this is a losing battle.  It's much simpler, not to mention technically better, to simply encrypt everything.  "Can't" trumps "not allowed to".

Not many people would volunteer to wear the classic prisoner's anklet that reports their location to a satellite monitoring system regularly.  It would be, rightly, considered an invasion of privacy -- something society imposes on convicted criminals who pose a demonstrated threat to innocent people.  But millions of people carry cell phones with them everyone and don't give it a second thought.

Perhaps they don't realize that their cell phone is a tracking technology almost as powerful as the monitoring devices used on prisoners.  Technology firms in the UK are already marketing this as a "service", one that covers not only where the cell phone is now but where it has been in the past.  While those services claim to require consent, the underlying technology does not, and that means governments (and private parties through the court system) will have access to the data with no consent required and most likely no opportunity to contest the release.

Brin's The Transparent Society is looking more prophetic by the day.

Colorado is considering legislation that would require ISPs to maintain records of the IP address provided to each customer for 180 days.  Presumably these records would be available to law enforcement upon request -- and the usual tendency for such things is to not require a warrant for the information, at least not in practice.  Corporations aren't exactly eager to refuse to provide data to law enforcement, unless it would somehow cost them money to do so.

There's some controversy over whether radiation sensors require warrants when used by police searches.  Volokh suggests that the standard should be based on precedents about heat sensors pointed at homes (warrants are required), combined with those that indicate serious crimes don't get exceptions for being serious crimes.  I agree with that principle, but I think radiation is distinguishable; among other things it poses an independent health hazard in high enough levels.

While, say, directing X-rays through a building to a receiver on the other side would clearly be an unconstitutional search, merely checking for excessive radiation levels outside a building is quite reasonable and should be admissible in court.

The precedents for heat sensors are also correct; heat sensors are substantially more invasive (because many normal and legal activities generate detectable heat), and the level of heat at which a public health hazard exists is generally quite visible to the naked eye in the form of smoke and flame.

Once you start stepping on to (public spaces of) private property in order to conduct such a search, however, things rapidly become more complex.  I would still be OK with people carrying detectors that can register hazardous-to-health levels of radiation, chemical agents, etc, so long as they remain in areas truly open to the public and don't need to make false representations in order to gain entry. 

I say this because, as a private citizen, I might well want to carry a radiation detector along with me as an early warning of radiation hazard, if I could do so cheaply, and if there was a perceived risk -- consider, for example, the laboratory facilities at many universities. 

Hat tip to Lay Lines for the story.

TONY Blair has sensationally urged schools across Britain to introduce random drug-testing following the News of the World's chilling exposé of the growing menace in our classrooms.

The Prime Minister revealed that the government is to send historic new guidelines to headmasters giving them the power to take urine samples from pupils AND use sniffer dogs to search school grounds for drugs.

"We can't force them to do it but if heads believe they have a problem in their school, then they should be able to do random drug-testing," said Mr Blair in our exclusive interview.

Meet Dudley Hiibel. He's a 59 year old cowboy who owns a small ranch outside of Winnemucca, Nevada. He lives a simple life, but he's his own man. You probably never would have heard of Dudley Hiibel if it weren't for his belief in the U.S. Constitution.

One balmy May evening back in 2000, Dudley was standing around minding his own business when all of a sudden, a policeman pulled-up and demanded that Dudley produce his ID. Dudley, having done nothing wrong, declined. He was arrested and charged with "failure to cooperate" for refusing to show ID on demand. And it's all on video.

On the 22nd of March 2004, the U.S. Supreme Court will decide whether Dudley and the rest of us live in a free society, or in a country where we must show "the papers" whenever a cop demands them.

This case has amicus briefs from the Cato Institute, the Electronic Privacy Information Center, the Electronic Frontier Foundation, the American Civil Liberties Union, and many others. It's an important case, because it touches on the core right of a free people to remain free from arbitrary demands by government officials.

If you don?t tell the world your email, home address and telephone number you could face a seven-year jail sentence and a $150,000 fine under new legislation that the US Congress is trying to push past today.

Congressman Lamar Smith of Texas - chairman of the Courts, the Internet and Intellectual Property Subcommittee of the House Judiciary Committee - yesterday produced from nowhere extensions to the 1946 Trademark Act that would make giving false contact information for a domain name a civil and criminal offence.

This proposal is a clear attempt to outlaw anonymous speech. Never lose sight of the fact that everything that happens on the internet is speech. Requiring people to expose their personal information on domain registrations is a tool of control, NOT a reasonable requirement.

Technology and human ingenuity continue to pose new privacy challenges. During 2003, a new dot.com fashion arose from an odd amalgam of Rolodex address-books, e-communities and dating. Users of these services store personal data on a central server, which can be accessed by other people, and, potentially at least, exploited by the service-operator. There are privacy concerns, of a kind that has been analysed many times before.

The new dimension that these services bring is that they entice users to disclose personal data about their friends, business contacts or acquaintances. That is a disturbing feature, and it requires careful analysis.

This is a brief examination of "contact managers", ie, websites that invite their users to upload contact lists and provide services based on that data. It focuses on the very real privacy risks created by those services, and the disturbing (but hardly surprising) fact that, far from wanting to minimize privacy concerns, these services seek to maximize their privacy invasion. All in order to maximize their profits, of course.

Major U.S. carriers are scrambling to create disclosure policies that inform customers they might share personal data with the federal government, in response to two highly publicized cases in which airlines secretly handed over private passenger information.

The airlines are working swiftly to alert passengers and protect themselves from liability as the U.S. government is poised to force the carriers as early as next month to turn over data as part of a computerized passenger screening program called CAPPS II.

"We have a lot of work to do here," one airline industry source said. "Everyone agrees there's a sense of urgency because the government wants to get going on CAPPS II as soon as possible."

Somehow, these companies keep getting the idea that "adding it to their privacy policy" constitutes the only appropriate action. We don't want to be informed that our airline has just given all of our personal data to the government... we want our private travel information to be kept, well, private.

Simple math is all that is required to see that terrorists cannot be detected through data mining. It's one thing to start from a list of millions of customers and try to extract from those the few thousand who might be interested in a special price on a ticket to Tahiti; it's quite another to take that same list and try to identify the 19 hijackers on the one flight they plan to hijack. You will inevitably end up harassing thousands of false positives -- people who innocently happen to eat middle eastern food and wear the wrong type of sneakers.

The FBI demanded Las Vegas hotels turn over their guest lists leading up to New Year's Eve to check against a U.S. master list of suspected terrorists, a law enforcement official said on Sunday.

The demand for "patron information" went to all major hotels in the Nevada casino and entertainment city, said the official who declined to be named.

Las Vegas was one of six or seven cities mentioned in intelligence reports as potential targets for a terrorist attack during the holiday period, Nevada Gov. Kenny Guinn said on New Year's Eve.

Why does this worry me? It's simple enough: the FBI has moved from taking its list of terrorists out to possible terrorist contact points and asking about the names on it... to demanding the complete customer lists and doing the search themselves. Once the FBI has that information, they can use it for whatever they want. If they use it to catch terrorists, that's a good thing. If they use it for other purposes, that's not such a good thing.

But the fact that they made this demand, and the manner in which they made it, is striking. It implies:

1. They don't have specific information about who might have been in Las Vegas.
2. They don't have specific information about where he or she might have stayed.
3. They don't have speciifc information about his or her appearance.

If they had these things, the obvious investigative technique would be to visit those hotels on the "short list" with a picture or a composite drawing and talk to the employees. That's not as fast as going down a list of names -- but it's a lot more effective at finding terrorists, who are damn well not going to use their real name when signing into a hotel.

So by my criteria, this little expedition is just fishing. They don't know who, what, or where -- at least not within any acceptable level of precision. In fact, I'm willing to bet they had just two pieces of information: "Las Vegas" and the approximate time of some allegedly-planned attack. And in response to this they want to trawl through the customer lists of every hotel in Vegas.

Washington politicians are once again seriously considering imposing a national identification card - and it may well become law before the end of the 108th Congress. The much-hailed 9/11 Commission report released in July recommends a federal identification card and, worse, a "larger network of screening points" inside the United States. Does this mean we are to have "screening points" inside our country where American citizens will be required to "show their papers" to government officials? It certainly sounds that way!

As a practical matter, we already have a national ID card: we just subcontract the issuance to the states and link it to some silly criteria designed to weed out people who are too dumb to drive. But that almost-kinda-sorta state has some significant advantages over a real national ID, and those advantages are instructive on the benefits of maintaining a strong state government rather than a strong federal government.

Under the current, state-based system, the people with real authority are very close to you. They live in your state, and in the US, that means they are within a few hours drive at most. If you don't like what they're doing, you can lobby them, or try to get them kicked out of office during the next election. If you are having a problem with the appointed officials, you can go over their heads to the politicians who appointed them. And you have a chance of actually making a difference, because you're competing for influence with other residents of your state rather than all 300 million people in the US.

With a federal system, though, the people with real power are the people in Washington. You can't reach them except by telephone, unless you are willing to travel possibly thousands of miles to voice your opinion. Your local officials will have no power to set policy. The disaster that our federal government has become will intrude even further into your life.

Go read the whole thing. Ron Paul's speeches are powerful.

When Assistant U.S. Attorney Jonathan Luna's sedan cruised through a toll booth the night he was killed, his E-ZPass card automatically billed him. More importantly, it left an electronic record of his travels for police investigating the crime.

Millions of drivers now use electronic toll systems to pay for tolls without digging out cash, and investigators are increasingly using the electronic record they create as a crime fighting tool.

The New York Thruway System has received 128 subpoenas from investigators since 1998, and has turned over records in response to 61 of them, said Terry O'Brien, a spokesman for the thruway system.

The thruway system has issued electronic cards for use in 5.1 million vehicles, so the number of records subpoenaed is a small percentage. But experts predict the records will increasingly find their way into both criminal and civil cases.

No particular quibble with this usage, but the potential these devices have -- that is, to track our whereabouts on an ongoing basis, because each person is carrying a tiny transponder device that can be picked up at ez-pass boothes and elsewhere -- is pretty scary.

The MPs suggested that loyalty cards could be used to identify customers who bought excessive amounts of foods high in fat, sugar and salt, and asked whether supermarkets could use this information to promote healthier alternatives to these customers.

They also called on supermarkets to feature more fruit and vegetables in their advertising and to replace shelves of sweets next to checkouts with healthier alternatives.

In the US, this is still more of a horror story than a real threat.

An appeals court this week put the brakes on an FBI surveillance technique that turns an automobile driver's on-board vehicle navigation system into a covert eavesdropping device, after finding that the spying effectively disables the system's emergency and roadside assistance features.

RFID Journal has learned that the U.S. Department of Defense plans to ask its top 100 suppliers to put RFID tags on pallets, cases and big-ticket items. The military intends to spell out its plans in detail sometime next summer, but it is believed that tagging could begin in 2005.

RFID tags in general are a significant privacy risk, but use for inventory control in the military isn't such a big deal... except in that the military use could inject a huge amount of money and support into the technology.

Still, some projects from retired Adm. John Poindexter's Total Information Awareness effort were transferred to U.S. intelligence offices, congressional, federal and research officials told The Associated Press.

In addition, Congress left undisturbed a separate but similar $64 million research program run by a little-known office called the Advanced Research and Development Activity, or ARDA, that has used some of the same researchers as Poindexter's program.

"The whole congressional action looks like a shell game," said Steve Aftergood of the Federation of American Scientists, which tracks work by U.S. intelligence agencies. "There may be enough of a difference for them to claim TIA was terminated while for all practical purposes the identical work is continuing."

Next week the U.S. Supreme Court will hear a case to decide whether or not all Americans must have identification on them at all times. The case has been brought by a cowboy in Nevada who was asked to show ID while he was leaning against his pickup truck on the side of the road near his ranch. The police officer did not offer any specific reason why he demanded proof of identity. Having committed no crime, Dudley Hiibel, the cowboy, refused ? and was arrested. He was later convicted for "Delaying a Peace Officer." In America, still a free country, citizens should not be required to provide identification papers at any whim of the authorities.