Politics, Economics, and the Law
Category Archives: Privacy
June 22, 2012Posted by on
“They would be the shepherds over us, their sheep. Certainly such an arrangement presupposes that they are naturally superior to the rest of us. And certainly we are fully justified in demanding from the legislators and organizers proof of this natural superiority.” – Frédéric Bastiat
Or, perhaps another quote would have sufficed; “Who watches the watchmen?”
Technology marches on, steadily introducing new avenues for oppression. And it would seem that They won’t rest until the whole of us have been examined, numbered, and cataloged. “They” seems to encompass a variety of people and organizations, all of whom appear to believe that the key to making the world More Decent is just a little less privacy for everyone.
For example, the FBI wants tech companies to provide built-in back doors for government access. Presumably, if you oppose the idea of all your social media and communications software coming set up for government snooping, you probably support Terrorism and/or Child Pornography. The rhetoric nearly always frames these sorts of things as the false choice between either “Giving law enforcement the Tools It Needs” or “Letting the bogeymen win.”
The NSA, as part of their continuing efforts to elevate themselves to the status of comic book villains, informed the Senate’s Intelligence Oversight Committee that they essentially had no idea how many Americans had been spied on, couldn’t devote the manpower to figure this out without hindering their ability to continue spying, and would consider it a violation of citizens’ right to privacy to say, even if they did know. I don’t even know where to begin. I would certainly hope the NSA knows how many Americans it has intentionally spied upon. That should be simple math, counting up the files. I can certainly believe they may not know how many Americans have been accidentally spied upon. This is an agency that is attempting to analyze all communications. All. That they’d be unaware they were listening in on your calls to Aunt Mavis back at the farm until someone told them it was happening is completely believable. That doesn’t mean it’s okay, just that it seems like a very real possibility. But that they would tell the people in charge of their oversight that it would violate Americans’ privacy to know that their privacy was being violated is some kind of insane troll logic. It’s hard to formulate a good reply, because you don’t even know how they could arrive at that conclusion.
Or perhaps we do know how they arrive at these sorts of conclusions. These are the kind of statements and policies put forward by people who firmly believe themselves to be our betters. They’re doing important work; protecting the sloppy masses from the demons that live in this world. Demons we may not even be aware exist. Their power has made them arrogant, and given them a profound sense of entitlement. Good People do Good Things, and they are Good. As such, how could anything they do be Bad? They are the Holy Paladins, who’ve turned into the demons they fight.
Or perhaps they’re just thugs. It’s probably a coin toss.
But at least neither the FBI nor the NSA is advocating that everyone be bar-coded (at least not yet). Elizabeth Moon is suggesting just that. This is one of those fanciful ideas that probably seems just swell to the same sort of people who’d advocate for more surveillance. The idea being that our wise rulers are hampered greatly due to the fact that they’re not omniscient. So, naturally, instead of restricting their powers to minimize the damage they can do, we should instead try and get them as close to omniscience as possible.
Moving right along, a company called IDair has developed a system capable of reading fingerprints from six meters away. The current customers are, predictably, military. But the creator sees the system being rolled out for civilian purposes, foreseeing, among other uses, being used as a way to purchase things without bringing your wallet. This presupposes a system where your bank account is tied to your biometrics. This is probably one of those things that either bothers your a lot, or not at all. I’m firmly in the first camp.
Perhaps IDair could be used right alongside the cameras being deployed around twenty San Francisco bars. SceneTap is the company installing the cameras, and the goal is apparently to build demographic data so that you know which establishments you’d like to go to, when you’re out on the town. Fair enough. But if we take a stroll down the slippery slope, how soon until a system such as this would be used for more objectionable purposes? Facial recognition linked to biometric databases could be used to determine whether a bar patron is of age. Or perhaps subpoenaed for a divorce case to cast one parent’s visits to the local watering hole as evidence of their unfitness to raise children. Crack open a cold one, and let slip the dogs of well-founded paranoia.
In the name of fighting the never-ending War on Drugs™, the DEA would like to scan the license plates of all vehicles travelling I-15 in Utah. Then they’d like to keep that data for two years. This would create a record of movement that I feel certain wouldn’t stay tied to only drug investigations. Mission creep inevitably sets in, and the data would surely be used for purposes that weren’t initially considered. And when they sort out who you are, they could just track you via your cell phone, even if it’s not GPS-enabled.
Or, as Futurama put it, describing the evil robotic Santa, “He knows when you’ve been sleeping! / He knows when you’re on the can! / He’ll hunt you down and blast your ass from here to Pakistan!”
April 13, 2012Posted by on
It wasn’t “news” the last time I wrote about social media and the degredation of privacy, and it isn’t this time either. It wouldn’t have even been “news” if I’d written on this a couple of weeks ago, when I meant to.
Paul Venezia wrote a good article comparing what is being done in digital space to analogous situations in physical space. The thrust seems to be that these sort of snooping activities, all too common now, are widespread mainly because they’re very easy to do, and there aren’t as many laws concerning them. Reading your email is somehow different from reading your physical mail beacuse, well… it just is. Internet snooping, while it would certainly seem to violate the legal protections of privacy, doesn’t violate the letter. And that makes it A-okay.
A Texas researcher added an app to Facebook, allowing you to name enemies. I haven’t kept up with the story, if there’s indeed a story to keep up with, but by now the app could well have been axed. It’s well known that Facebook has consistently told users to get bent regarding a ‘dislike’ feature. The advertisers-first angle is, of course, spot-on. Facebook is an artificially friendly(ish) place, and that’s good for Facebook’s customers. If the only available options are to either like something, or ignore it, that suits companies just fine. No one can ever hate them, and they’re all seperated only by the degree to which people love them. It’s hard to fault Facebook, really. Most of us would probably do something quite similar, if hawking users’ information would net us $4.27 billion dollars during the year.
On the topic of Facebook, the House shot down a bill that would have outlawed the practice of employers requesting Facebook login information. Also fun, they’re claiming rights to the word ‘book.’ And here’s a look at what Facebook sends police if they subpeona your account.
More in privacy and security news:
Found on Popehat, the Ninth Circuit rejects the government’s attempts to base criminal prosecution on violations of usage agreements. The majority opinion is a pretty entertaining read, too.
The NSA, fattened on post-9/11 dollars, is building a gigantic data center in Utah. I’ll have more to say on this in the future, because it’s a Really Big Deal, but for now I’m just somewhat alarmed. I’d encourage you to be alarmed as well. I’d also encourage you to download a copy of TrueCrypt, and encrypt all your data. Maybe your email too, just for giggles. If my tax dollars are in some small way paying for this, I want to make sure they’ve got plenty to keep them entertained. AES encryption with a suitably strong password should keep even the government busy for a while.
Get out your chemicals and rubber hose, the FBI wants to “advance the science of interrogation.”
March 29, 2012Posted by on
Austin Carroll, a (former) student at Garrett High School in Indiana, was expelled for a post he made on his personal Twitter account. There seems to be some lack of clarity of whether or not he accessed Twitter from his home computer or a school computer. In either case, it appears that the school’s computer system is able to (and apparently does) track posting’s from students’ accounts.
Where to even begin? Stories such as this angry up my blood before I’ve even begun to unpack and examine the implications.
Naturally, if the student is using a school computer, the school is within their rights to regulate the manner in which their computers are used. Yet even if we accept the school’s position that Carroll accessed Twitter from one of their machines, that still leaves several issues. Firstly, isn’t expulsion for a bit of relatively harmless profanity rather harsh? It seems like the sort of transgression which could be addressed with lesser punishments. And if expulsion is on the table for an offense such as this, one would hope that this is clearly spelled out in the usage policy. I’m sure there are provisions for punishments “up to and including expulsion,” but I somehow doubt that any of the students would have seriously expected expulsion to be leveled for cursing. It seems more like a thing you bring to bear if a student has made threats of violence.
Now let’s consider what it means for us if the school is mistaken (or, to be somewhat cynical, misrepresenting the facts). If the school is allowed to regulate speech in cases where a student is neither using school property, nor engaging in threatening speech or speech related to illegal acts, then the school is asserting total control over students’ speech, and the students effectively have “privileges” to speak, and not “rights.” Privileges which can be revoked at the school’s pleasure, if a student expresses themselves in a manner which offends the empowered school officials. The rights of minors are of course already curtailed, but given Carroll is a senior in high school, and it is nearly April, it is reasonable to assume he could easily have already turned eighteen, and therefore is legally an adult. To condense and make explicit, if Carroll is eighteen, and had posted his tweet from home, the school district is asserting the right to punish adults for (and thus control) their private speech, based not upon public-safety necessity, but simply upon what they feel to be appropriate.
Numerous locales have various “anti-bullying” legislation either enacted or in the works, which would regulate both what occurs at the school, and what occurs outside of school. Most of these seem to be overly-broad, to the point of chilling what is, or should be, protected free speech. The Carroll expulsion appears to lack even the flimsy “public safety” framing of these statutes, resting wholly on the school administrators’ sense of propriety. Happily the student body of Garrett High School appears to have reacted to the expulsion quite poorly. But if we as a society roll over on issues such as this, we set rather unnerving precedents, confirming to those in these positions of power that control of our private speech is a thing they can do. It invites authoritarianism. Those who would act as our censors should be called out, shunned, and their power delegitimized.
(I considered posting a link to Garrett High School’s website, but as I cannot be certain of directing you to the correct place, I shall refrain.)
February 24, 2012Posted by on
Well, appeals courts have made rulings. The 10th has rejected an appeal on the grounds that no verdict has been rendered in the original case, and the 11th is saying that decryption is tantamount to testimony, and therefore subject to fifth amendment protections. I like this reasoning, myself. The issue going to the Supreme Court is most likely inevitable, but in the meantime it can’t hurt to accumulate some rulings that forbid forced decryption of data. A distinction being made by courts seems to be between data investigators know is on a hard drive, and investigators wishing to decrypt data so that they can poke around a hard drive and see what they can find.
January 24, 2012Posted by on
CNET posted an article yesterday concerning a distressing ruling by a Colorado federal judge where he decided that American citizens can be forced to decrypt hard drives in order to allow law enforcement to examine the contents.
In his ruling, Judge Blackburn writes:
“I find and conclude that the Fifth Amendment is not implicated by requiring production of the unencrypted contents…”
I suppose this is the sort of thing about which reasonable people can disagree. The fifth amendment asserts that, among other things, a citizen cannot “be compelled in any criminal case to be a witness against himself.” One might assert that, in decrypting your data, you are not actually witnissing against yourself. Can we reason that the typing of the passphrase is a form of speech, and therefore would qualify as a form of “witnessing”?
As one might expect, Judge Blackburn trots out the “public interest” show pony in his justification, and asks to Think of the Children™, remember the terrorists, etc.
“Public interests will be harmed absent requiring defendants to make available unencrypted contents in circumstances like these. Failing to compel Ms. Fricosu amounts to a concession to her and potential criminals (be it in child exploitation, national security, terrorism, financial crimes or drug trafficking cases) [. . .]”
There have been other cases where this has come up (referenced in the CNET article), and given the conflicting end results it seems likely this will make its way to the U.S. Supreme Court in the semi-near future. The case immediately in question involves money laundering and fraud.
This seems as good a time as any to segue into the topic of encryption and file erasure. While it remains to be seen what the final word is regarding the courts’ ability to compel you to decrypt your data, it is still good practice to encrypt anything you wish to remain private, especially on portable devices which may be lost or stolen. Most likely you have no crimes to hide from the police, but you almost certainly have some kind of information that you’d prefer not to be disclosed to all and sundry. Bank information, various email and social accounts left logged-in, etc. Truecrypt is a fantastic open source encryption program that I’d highly recommend. Also, as you may or may not be aware, deleting files from your computer does not actually remove them, but only marks the space free. If you want something to acutally disappear, it must be overwritten. I would recommend Eraser for this task. In a world of ever-shrinking privacy, you must take personal responsibility to keep what you can of it.
(Hat tip to The Agitator for posting the article link.)
UPDATE: Discussion to be found on The Volokh Conspiracy.
January 23, 2012Posted by on
January 19, 2012Posted by on
In the wake of the “blackout” against SOPA/PIPA, various House and Senate members have jumped ship, and are no longer supporting the bill. ‘Reason’ has a good article concerning the issue.
It would be tempting to suppose that Washington has heard the cries of the people, and decided to actually represent them. The more likely explanation is they heard the cries of the wealthy and influential opposition.
Good news for now, but it’s hardly over and done.
January 18, 2012Posted by on
January 17, 2012Posted by on
Very soon a number of websites (Wikipedia being a noteworthy one) will be blacking out for a day in protest of SOPA/PIPA, bills which amount to nothing less than the major media concerns (MPAA, RIAA, et al) assaulting the internet in an effort to control and censor content, and establish a legal framework which can be used to abuse anyone they see fit. A side “benefit” of this legislation would be to lay the groundwork for a Chinese-style national firewall, allowing political interests to decide what we can and cannot see. Mountains of information and commentary has been written about this, and so I shall refrain from adding much further. Popehat has a good piece, written just today. And if you’re confused by all of this, having just emerged from a Cold War fallout bunker, I advise you to look into the matter.
So write about it. Call your congresscritter, and let it know you’ll do your best to make sure it’s out of a job if it supports this. Take some form of action, even if it’s only to get informed, get angry, and tell your friends.
ADDENDUM: A worthwhile use of your internets is to go here: http://americancensorship.org/
House takes Senate’s bad Internet censorship bill, tries making it worse