Privacy

It also sounds pretty benign, even useful. But unlike Weires, I'm a technology guy -- and I have a very acute sense of how seemingly harmless new technologies have a tendency to metastasize into something far nastier and, usually, end up invading our privacy or diminishing our freedoms. And, perhaps due to my own driving history, the story of Weires and his black box had sirens going off in my head.

Think of the worst possible scenarios, and whatever you come up with has a good chance of happening. For example, you know those random checkpoint stops that the police set up every year around the holidays to catch drunks. I've never been a big fan of them, mostly for civil liberties reasons, but like most people I endure this little inconvenience for the perceived larger good.

But what about a checkpoint where the cop walks up, plugs his laptop into your car and then tickets you for going over the speed limit three times last week? Put up some "smart" speed signs that send out signals to your car's black box and it would be simple to make the comparison. Like that one?

Even simpler to hook the black box up to a GPS receiver that the car probably already has. 

You may have heard of the TSA's new insta-porn device, which bounces low-energy x-rays off of your skin when you go through airport screening, producing an image of your body that looks remarkably like... a very detailed (but somewhat ghostlike and bluish) naked human body.   For a while now they've been trying to calm the objections by insisting that the images will have the sensitive areas of the image, breasts and genitals, blurred, plus using same-gender screeners to look at the images. 

However, now that they are actually deploying the system for a live trial, they admit that the images are not blurred.  Oh, and those separate screeners?  They will rely on human signals from other TSA agents to determine the gender of the person being screened.  I wonder how long it will take before no one bothers to signal for gender?

But it's OK, says the TSA.  The screeners won't be allowed to take cameras or cell phones into the screening booth.  How long will that rule last in an agency that can't keep even a single employee from stealing over a quarter-million dollars from luggage?  Including a $47,000 camera?

If they can get a professional-grade TV camera out of the secure area, they can get a cell phone camera in.

Oh, and the screeners will be watching the machine in a private booth, where you won't be able to see or object to their inevitable antics.

I wonder how much you could get on ebay for skin-radar pictures of a naked Angelina Jolie, for example?  I'm sure we'll find out soon enough.

I've posted (or at least thought about posting; I can't be bothered to actually find the post) about a welcome mat with the words "Come back with a warrant" on it.  As someone who values my own rights and privacy, that would be my natural and instinctive response to a police officer making inquiries about a search of my home -- because consenting to a search when you are under suspicion is never a good idea.

But Patterico, who actually works as a prosecutor in California in addition to blogging, thinks such a welcome mat would constitute probable cause for a warrant in and of itself.

That's why I'm a Libertarian, not a Republican.  Asserting one's constitutional rights should never be grounds for suspicion.  If the government didn't have probable cause for a search before being denied permission, the fact that it was denied doesn't give any additional evidentiary weight in favor of a warrant. 

To disregard this is to render Constitutional rights meaningless.  If any refusal can be considered evidence for a compulsory search, then there is no right to refuse a search.

It seems the press is pounding the streets with the story that the NSA is evesdropping on Americans.  Again.  Several bloggers have already pegged this story as being quite similar to one that dropped a few months ago, related to the NSA evesdropping on international calls to or from Al Qaeda members.  Others have explained the legal arguments used to convince judges it's legal.  Lots of panties are bunched. 

Those of you who have been reading this site for some time will not be surprised that I oppose such monitoring.  That we are at war with a terrorist organization does not materially change that fact; blanket surveillance is wrong regardless of justification.  I'm perfectly OK with evesdropping on conversations with terrorists so long as the letter of the law, including the Constitution, is followed; but blanket surveillance of Americans without probable cause is wrong.  So, sure, I don't like what the NSA is doing.

I just don't see why it's suddenly news, at least without the sudden intervention of political expediency.  You see, the NSA has been doing this for a long, long, long time.  I first learned about it under the Clinton administration.  I doubt it started there, or with Bush I before him.  There's an article on the subject from 1988.  It is the NSA's job to conduct traffic analysis and broad-scale surveillance, and the legal justifications to get around Constitutional limits were different then but the capabilities probably are not -- except that national technical means, as author Tom Clancy euphemized, have probably advanced significantly.

You'd think the reporters acting so outraged about this hadn't ever realized our intelligence apparatus had this capability.  Maybe they hadn't.  Ignorance or malice?  It's hardly a new question to be asking about the news media these days, and that's just sad.

So why aren't I worked up about it?  I recognize that nothing has really changed.  Sure, I'd like surveillance programs like this to be shut down.  Unfortunately I'm convinced this is a losing battle.  It's much simpler, not to mention technically better, to simply encrypt everything.  "Can't" trumps "not allowed to".

Not many people would volunteer to wear the classic prisoner's anklet that reports their location to a satellite monitoring system regularly.  It would be, rightly, considered an invasion of privacy -- something society imposes on convicted criminals who pose a demonstrated threat to innocent people.  But millions of people carry cell phones with them everyone and don't give it a second thought.

Perhaps they don't realize that their cell phone is a tracking technology almost as powerful as the monitoring devices used on prisoners.  Technology firms in the UK are already marketing this as a "service", one that covers not only where the cell phone is now but where it has been in the past.  While those services claim to require consent, the underlying technology does not, and that means governments (and private parties through the court system) will have access to the data with no consent required and most likely no opportunity to contest the release.

Brin's The Transparent Society is looking more prophetic by the day.

Colorado is considering legislation that would require ISPs to maintain records of the IP address provided to each customer for 180 days.  Presumably these records would be available to law enforcement upon request -- and the usual tendency for such things is to not require a warrant for the information, at least not in practice.  Corporations aren't exactly eager to refuse to provide data to law enforcement, unless it would somehow cost them money to do so.

There's some controversy over whether radiation sensors require warrants when used by police searches.  Volokh suggests that the standard should be based on precedents about heat sensors pointed at homes (warrants are required), combined with those that indicate serious crimes don't get exceptions for being serious crimes.  I agree with that principle, but I think radiation is distinguishable; among other things it poses an independent health hazard in high enough levels.

While, say, directing X-rays through a building to a receiver on the other side would clearly be an unconstitutional search, merely checking for excessive radiation levels outside a building is quite reasonable and should be admissible in court.

The precedents for heat sensors are also correct; heat sensors are substantially more invasive (because many normal and legal activities generate detectable heat), and the level of heat at which a public health hazard exists is generally quite visible to the naked eye in the form of smoke and flame.

Once you start stepping on to (public spaces of) private property in order to conduct such a search, however, things rapidly become more complex.  I would still be OK with people carrying detectors that can register hazardous-to-health levels of radiation, chemical agents, etc, so long as they remain in areas truly open to the public and don't need to make false representations in order to gain entry. 

I say this because, as a private citizen, I might well want to carry a radiation detector along with me as an early warning of radiation hazard, if I could do so cheaply, and if there was a perceived risk -- consider, for example, the laboratory facilities at many universities. 

Hat tip to Lay Lines for the story.

Washington politicians are once again seriously considering imposing a national identification card - and it may well become law before the end of the 108th Congress. The much-hailed 9/11 Commission report released in July recommends a federal identification card and, worse, a "larger network of screening points" inside the United States. Does this mean we are to have "screening points" inside our country where American citizens will be required to "show their papers" to government officials? It certainly sounds that way!

As a practical matter, we already have a national ID card: we just subcontract the issuance to the states and link it to some silly criteria designed to weed out people who are too dumb to drive. But that almost-kinda-sorta state has some significant advantages over a real national ID, and those advantages are instructive on the benefits of maintaining a strong state government rather than a strong federal government.

Under the current, state-based system, the people with real authority are very close to you. They live in your state, and in the US, that means they are within a few hours drive at most. If you don't like what they're doing, you can lobby them, or try to get them kicked out of office during the next election. If you are having a problem with the appointed officials, you can go over their heads to the politicians who appointed them. And you have a chance of actually making a difference, because you're competing for influence with other residents of your state rather than all 300 million people in the US.

With a federal system, though, the people with real power are the people in Washington. You can't reach them except by telephone, unless you are willing to travel possibly thousands of miles to voice your opinion. Your local officials will have no power to set policy. The disaster that our federal government has become will intrude even further into your life.

Go read the whole thing. Ron Paul's speeches are powerful.

The FBI demanded Las Vegas hotels turn over their guest lists leading up to New Year's Eve to check against a U.S. master list of suspected terrorists, a law enforcement official said on Sunday.

The demand for "patron information" went to all major hotels in the Nevada casino and entertainment city, said the official who declined to be named.

Las Vegas was one of six or seven cities mentioned in intelligence reports as potential targets for a terrorist attack during the holiday period, Nevada Gov. Kenny Guinn said on New Year's Eve.

Why does this worry me? It's simple enough: the FBI has moved from taking its list of terrorists out to possible terrorist contact points and asking about the names on it... to demanding the complete customer lists and doing the search themselves. Once the FBI has that information, they can use it for whatever they want. If they use it to catch terrorists, that's a good thing. If they use it for other purposes, that's not such a good thing.

But the fact that they made this demand, and the manner in which they made it, is striking. It implies:

1. They don't have specific information about who might have been in Las Vegas.
2. They don't have specific information about where he or she might have stayed.
3. They don't have speciifc information about his or her appearance.

If they had these things, the obvious investigative technique would be to visit those hotels on the "short list" with a picture or a composite drawing and talk to the employees. That's not as fast as going down a list of names -- but it's a lot more effective at finding terrorists, who are damn well not going to use their real name when signing into a hotel.

So by my criteria, this little expedition is just fishing. They don't know who, what, or where -- at least not within any acceptable level of precision. In fact, I'm willing to bet they had just two pieces of information: "Las Vegas" and the approximate time of some allegedly-planned attack. And in response to this they want to trawl through the customer lists of every hotel in Vegas.

Major U.S. carriers are scrambling to create disclosure policies that inform customers they might share personal data with the federal government, in response to two highly publicized cases in which airlines secretly handed over private passenger information.

The airlines are working swiftly to alert passengers and protect themselves from liability as the U.S. government is poised to force the carriers as early as next month to turn over data as part of a computerized passenger screening program called CAPPS II.

"We have a lot of work to do here," one airline industry source said. "Everyone agrees there's a sense of urgency because the government wants to get going on CAPPS II as soon as possible."

Somehow, these companies keep getting the idea that "adding it to their privacy policy" constitutes the only appropriate action. We don't want to be informed that our airline has just given all of our personal data to the government... we want our private travel information to be kept, well, private.

Simple math is all that is required to see that terrorists cannot be detected through data mining. It's one thing to start from a list of millions of customers and try to extract from those the few thousand who might be interested in a special price on a ticket to Tahiti; it's quite another to take that same list and try to identify the 19 hijackers on the one flight they plan to hijack. You will inevitably end up harassing thousands of false positives -- people who innocently happen to eat middle eastern food and wear the wrong type of sneakers.

Technology and human ingenuity continue to pose new privacy challenges. During 2003, a new dot.com fashion arose from an odd amalgam of Rolodex address-books, e-communities and dating. Users of these services store personal data on a central server, which can be accessed by other people, and, potentially at least, exploited by the service-operator. There are privacy concerns, of a kind that has been analysed many times before.

The new dimension that these services bring is that they entice users to disclose personal data about their friends, business contacts or acquaintances. That is a disturbing feature, and it requires careful analysis.

This is a brief examination of "contact managers", ie, websites that invite their users to upload contact lists and provide services based on that data. It focuses on the very real privacy risks created by those services, and the disturbing (but hardly surprising) fact that, far from wanting to minimize privacy concerns, these services seek to maximize their privacy invasion. All in order to maximize their profits, of course.

A recent Associated Press article about the FBI raiding an Ohio-based chat host company's offices and confiscating its servers sent a chill up my spine.

The FBI acted on information that someone may have used the service for hacking. It was within its jurisdiction, obtaining a warrant for the search and seizure. But it's what they could do with those servers and the information stored on them that really has me spooked.

These chat rooms' servers have IPs and probably e-mail addresses (if not much more) stored on them about both the regulars and the "just-passing-through" users. Since the FBI was looking for someone who may have hacked someone else's computer through the aforementioned chat hosting service, everyone came under scrutiny. In other words, if you ever visited that chat room and participated (or maybe just looked around) you're a suspect.

As a practical matter, seizing an entire server to use as evidence is almost a necessity; there's not really any other way to ensure that data on that server is both safe from alteration and available to both prosecution and defense. Most "evidence" on a server consists of log files or the files left over by a hacker after breaking in, and both of those types of evidence are almost necessarily deleted over time by a properly run system.

The people whose information is actually on that server will see it differently. If a server gets taken, everyone who accessed it will have their data examined as least cursorily (to see if their data is evidence). In theory, if the evidence isn't covered by the current search warrant, it's supposed to be ignored -- but who wants to bet on that actually happening, once it's been examined, if the investigating officer finds something a little suspicious about it? And even if there's nothing suspicious about it, there are still a lot of things you don't want random people reading.

The first-line answer: use encryption. The problem with that is that the police won't be able to read it either, and that's going to put you in the suspicious list by itself; not to mention, most people don't have even the first idea how to use encryption for their email.

There isn't a good answer for this yet. But there will be, and it's pervasive, server-managed encryption. Implemented properly, such a system would allow the truly private to use their own encryption mechanisms, but allow those who aren't as concerned to use encryption managed by their email address provider. Using such a system, when presented with an email warrant, the owner of the server could decrypt only the emails to or from the specific email addresses named. No one else would have their privacy violated. It's not as secure for the end-user, but it's a hell of a lot better than the current situation.

Of course, that won't stop law enforcement from simply taking the whole thing, at least for now.

When Assistant U.S. Attorney Jonathan Luna's sedan cruised through a toll booth the night he was killed, his E-ZPass card automatically billed him. More importantly, it left an electronic record of his travels for police investigating the crime.

Millions of drivers now use electronic toll systems to pay for tolls without digging out cash, and investigators are increasingly using the electronic record they create as a crime fighting tool.

The New York Thruway System has received 128 subpoenas from investigators since 1998, and has turned over records in response to 61 of them, said Terry O'Brien, a spokesman for the thruway system.

The thruway system has issued electronic cards for use in 5.1 million vehicles, so the number of records subpoenaed is a small percentage. But experts predict the records will increasingly find their way into both criminal and civil cases.

No particular quibble with this usage, but the potential these devices have -- that is, to track our whereabouts on an ongoing basis, because each person is carrying a tiny transponder device that can be picked up at ez-pass boothes and elsewhere -- is pretty scary.

The MPs suggested that loyalty cards could be used to identify customers who bought excessive amounts of foods high in fat, sugar and salt, and asked whether supermarkets could use this information to promote healthier alternatives to these customers.

They also called on supermarkets to feature more fruit and vegetables in their advertising and to replace shelves of sweets next to checkouts with healthier alternatives.

In the US, this is still more of a horror story than a real threat.

An appeals court this week put the brakes on an FBI surveillance technique that turns an automobile driver's on-board vehicle navigation system into a covert eavesdropping device, after finding that the spying effectively disables the system's emergency and roadside assistance features.

RFID Journal has learned that the U.S. Department of Defense plans to ask its top 100 suppliers to put RFID tags on pallets, cases and big-ticket items. The military intends to spell out its plans in detail sometime next summer, but it is believed that tagging could begin in 2005.

RFID tags in general are a significant privacy risk, but use for inventory control in the military isn't such a big deal... except in that the military use could inject a huge amount of money and support into the technology.

Every child in England will be given a unique identifying number attached to an electronic file of personal information about their lives, under plans announced yesterday to avoid a repetition of the murder of Victoria Climbié.

Remember, every cry to "save the children" is a cry to imprison the adults.

The police don't ever like anonymonity, so remember not to trust services like this too far. In this case, though, open-source enabled people to learn what was happening -- which deserves kudos to the open-source methods.

What many Americans don't realize is that their enthusiastic consumerism does a lot more for the interests of national security (search) than keeping the economy strong. Long after credit card bills are paid and checking accounts replenished, the information retailers collect about customers in those increasingly intrusive mini-interrogations at the cash register--zip codes, phone numbers, purchases, even point of purchase requests for email addresses and Social Security numbers--remains bouncing around networks of computer databases, permanently traceable and trackable by the government.

If you don?t tell the world your email, home address and telephone number you could face a seven-year jail sentence and a $150,000 fine under new legislation that the US Congress is trying to push past today.

Congressman Lamar Smith of Texas - chairman of the Courts, the Internet and Intellectual Property Subcommittee of the House Judiciary Committee - yesterday produced from nowhere extensions to the 1946 Trademark Act that would make giving false contact information for a domain name a civil and criminal offence.

This proposal is a clear attempt to outlaw anonymous speech. Never lose sight of the fact that everything that happens on the internet is speech. Requiring people to expose their personal information on domain registrations is a tool of control, NOT a reasonable requirement.

Meet Dudley Hiibel. He's a 59 year old cowboy who owns a small ranch outside of Winnemucca, Nevada. He lives a simple life, but he's his own man. You probably never would have heard of Dudley Hiibel if it weren't for his belief in the U.S. Constitution.

One balmy May evening back in 2000, Dudley was standing around minding his own business when all of a sudden, a policeman pulled-up and demanded that Dudley produce his ID. Dudley, having done nothing wrong, declined. He was arrested and charged with "failure to cooperate" for refusing to show ID on demand. And it's all on video.

On the 22nd of March 2004, the U.S. Supreme Court will decide whether Dudley and the rest of us live in a free society, or in a country where we must show "the papers" whenever a cop demands them.

This case has amicus briefs from the Cato Institute, the Electronic Privacy Information Center, the Electronic Frontier Foundation, the American Civil Liberties Union, and many others. It's an important case, because it touches on the core right of a free people to remain free from arbitrary demands by government officials.

If the new Transportation Security Administration gets its way, Americans may soon be ID?ed, stamped and tracked in a manner an old-style European police state could only have dreamed of.

And when Ben Franklin uttered this remark more than 200 hundred years ago, he could not have imaged how prescient he would be: "Those willing to give up a little liberty for a little security deserve neither security nor liberty."

Franklin is clearly turning over his grave after recent proposals to make America ?safer.?

Do you have to tell the police your name? Depending on how the Supreme Court rules, the answer could be the difference between arrest and freedom.

The justices heard arguments Monday in a first-of-its kind case that asks whether people can be punished for refusing to identify themselves.

The court took up the appeal of a Nevada cattle rancher who was arrested after he told a deputy that he had done nothing wrong and didn't have to reveal his name or show an ID during an encounter on a rural road four years ago.

I've posted about this case before. Today was just for oral arguments, not handing down a decision, but some of the questions asked by the justices are... disturbing.

Justice Sandra Day O'Connor (news - web sites) pointed out the court never has given police the authority to demand someone's identification, without probable cause they have done something wrong. But she also acknowledged police might want to run someone's name through computers to check for a criminal history.

Why is this disturbing? Clearly, because a person's criminal history has literally no bearing on whether or not they are currently engaged in an illegal activity. If you have probable cause to believe a crime was committed, then you can investigate that crime, but you have to do it on the basis of present evidence rather than past acts.

More troublesome is that the information available from a person's identity is tremendous:

"A name is now no longer a simple identifier; it is the key to a vast, cross-referenced system of public and private databases, which lay bare the most intimate features of an individual's life," Rotenberg told the court in a filing.

In case you're having trouble picturing this, consider that with your identity in hand, the police have access to:

• Whether or not you have a concealed-carry license (even if you aren't carrying), and whether or not you have ever had one in the past
• Your credit rating
• Whether you are on any of the so-called "terrorist watch lists" (or closely resemble anyone who is)
• Whether you have been arrested in the past (convicted or not)

It's not just your identity they are asking for -- it's the ability to record your presence at that particular place and time so that they can investigate your records and follow up later if need be. And if you think some cops wouldn't take the opportunity to harass someone whose opinions they don't like based on recognizing their name, you live in a dream world.

Publicola has a long post about the 5th-amendment implications of Hiibel's conviction (the conviction is the basis for the appeal to the Supreme Court) here. I'll second it and add the codicil that demands for identification in the absence of a crime are clearly an unreasonable search by the terms of the 4th amendment. If the officer is justified in committing a physical search of the individual, he can clearly obtain that person's identification (if they are carrying any) and make use of that. But if he can't physically search the person legally, then how can he demand the contents of that person's wallet?

On Mar. 12, the Justice Dept., FBI, and Drug Enforcement Administration delivered an 83-page petition to the Federal Communications Commission demanding dramatic new surveillance powers. If they're approved, the FBI would have the right to require Internet service providers (ISPs), voice over Internet protocol (VoIP) companies, and others that rely on broadband access to the Net to redesign their networks to support standards designed by law enforcement for wiretapping and tracing.

The FBI warns that unless it has some influence over these new technologies, it'll be unable to keep up with terrorists and thieves. "The ability of federal, state, and local law enforcement to carry out critical electronic surveillance is being compromised today," the petition warns, adding that the task of protecting the public is growing more difficult every day. The FBI has asked the FCC to solicit comments on its proposal by Apr. 12 -- a lightening pace for the federal agency where matters of this kind normally take months, if not years, to be decided.

A far-reaching proposal from the FBI, made public Friday, would require all broadband Internet providers, including cable modem and DSL companies, to rewire their networks to support easy wiretapping by police.

The FBI's request to the Federal Communications Commission aims to give police ready access to any form of Internet-based communications. If approved as drafted, the proposal could dramatically expand the scope of the agency's wiretap powers, raise costs for cable broadband companies and complicate Internet product development.

Legal experts said the 85-page filing includes language that could be interpreted as forcing companies to build backdoors into everything from instant messaging and voice over Internet Protocol (VoIP) programs to Microsoft's Xbox Live gaming service. The introduction of new services that did not support a back door for police would be outlawed, and companies would be given 15 months to make sure existing services comply.

Why does the FBI want to know what people are reading?