That’s the title of my Slaw post for today.  It reads as follows.

With Parliament back in session, we are seeing more attention on the proposed “lawful access” legislation. There is good reason for that. Many of us believe the proposed legislation is an affront to privacy, and gives law enforcement overly intrusive rights without court supervision that will in practice be no more than expensive, invasive, privacy offensive security theatre.

In this CBC interview, Ann Cavoukian, the Ontario Privacy Commissioner, does an excellent job of explaining the issue. Well worth investing 7 minutes to watch.

That’s the title of my Slaw post for today.  It reads as follows.

There has been a lot written lately about the disturbing trend towards becoming a surveillance society. And the equally disturbing trend for governments to try to interfere with various kinds of communications to squash activity. Mathew Ingram has a good article about that on gigaom.

There is a great hue and cry about this when it occurs in countries that we feel suppress their people – but we are also seeing the trend in North America and Britain – such as the recent British riots and San Fransico’s Bart transit system shutdown of cell service.

And yet at the same time, authorities get upset at and try to stop people from photographing them doing their jobs – sometimes to the extent of trying to charge them with crimes such as wiretapping.

Along with that is the photographer as terrorist / criminal attitude that is seen far too often. That has been mentioned on Slaw before here and here. The latest example of that is a post on Techdirt that says police in Long Beach California have a policy that they can detain someone taking photos with “no apparent esthetic value”.

There is of course always some reason given for doing these things – but we can’t just let it be justified by some claim that it is necessary to stop violence or catch criminals. We have to consider many factors, including practical matters such as whether the actions are even effective to accomplish the stated goal, and how disruptive they are to others. We also need to think about issues like security vs privacy, and liberty vs control.

We need to think about these issues on matters such as the proposed lawful access laws.

That’s the title of my Slaw post for today.  It reads as follows.

Apparently some of the British rioters have been communicating using Blackberrys. Which resulted in a suggestion that Blackberry should suspend its instant messaging service until things quiet down.

That kind of reaction never ceases to amaze me.

As if when that was shut down, the riots and destruction would stop because the malfeasants couldn’t communicate any more. And of course consider the effect on the average Blackberry user who is without service as a result. Attempts to shut the entire internet have not stopped people from doing what they are doing, let alone 1 mode of communication. That’s no different than trying to stop the use of any tool used by criminals. In most cases, people, like the internet, are good at working around outages.

I’m not a fan of laws that require entities such as ISP’s to retain data about its customers so law enforcement can get to it.  To me, that flies in the face of privacy principles that say one should only retain personal information (both quantity and duration) to the extent it is required to fulfil the purpose of the services being offered.

I’m not convinced that the benefit to law enforcement outweighs the negative aspects of this – which range from costs to the entity retaining, the risk of abuse, and the risk of exposing it.   It is hard enough to protect the information that entities need, let alone information they don’t need.  And the more information you have, the more you are a target for malfeasers trying to get at it.

Mike Masnick of Techdirt has a post worth reading on the subject.  He refers to a researcher and author who says that a current US bill, the “Protecting Children from Internet Pornographers Act”  should be called the  ”Forcing Your Internet Provider to Spy On You Just In Case You’re a Criminal Act of 2011″.

Unfortunately, we are heading down the same path here in Canada with the proposed lawful access statute.

Michael Geist has written a good article in the Ottawa Citizen disucssing why the proposed “lawful access” internet surveillance law should not be passed.

From teh article:

Lawful access raises genuine privacy and free speech concerns, particularly given the fact the government has never provided adequate evidence on the need for it, it has never been subject to committee review, and it would cost millions to implement yet there has been no disclosure on who would actually pay for it. Given this, it is not surprising that every privacy commissioner in Canada has signed a joint letter expressing their concerns.

Like David Fraser and Michael, I have ranted on this before.   I have a real problem with legislation that erodes privacy and requires ISP’s or others to retain information for the sole purpose of government access to it. And when that access is not tempered by the need for a warrant.

Issues include erosion of privacy, the potential for misuse of the information (intentionally, accidentally, or creeping uses) the costs of ISP’s to comply, and whether the measures will actually have any meaningful impact on crime.

David Fraser has a post worth reading entitled Investigating and Preventing Criminal Electronic Communications Act bill one step closer to (warrantless) surveillance state.

The bill has been called “lawful access” , or “awful access” depending on your perspective.  It will give more power to government authorities to get information from telecommunications service providers without a warrant.

David uses the example of secret police in Belarus who used this kind of power to identify people at an anti-government demonstration.

As he puts it “If we’re shocked at what repressive regimes are doing to their citizens, we shouldn’t be giving our own governments tools to be repressive.”

As I mentioned earlier, there is a proposal in the US for legislation to require backdoor internet access to law enforcement.  There have been similar proposals in Canada for “lawful access”.

Bruce Schneier has a good post entitled Wiretapping the Internet that explains why this is a bad idea.  The entire post is worth reading, but to give a flavour:

These laws are dangerous, both for citizens of countries like China and citizens of Western democracies. Forcing companies to redesign their communications products and services to facilitate government eavesdropping reduces privacy and liberty; that’s obvious. But the laws also make us less safe. Communications systems that have no inherent eavesdropping capabilities are more secure than systems with those capabilities built in.

…

Official misuses are bad enough, but the unofficial uses are far more worrisome. An infrastructure conducive to surveillance and control invites surveillance and control, both by the people you expect and the people you don’t. Any surveillance and control system must itself be secured, and we’re not very good at that. Why does anyone think that only authorized law enforcement will mine collected internet data or eavesdrop on Skype and IM conversations?

We get upset when governments outside of North America insist on being able to monitor internet based communications.   But we shouldn’t get too smug about it, as the same thing happens in North America.  See these posts that talk about a new attempt to legislate backdoor internet access in the US, why its a problem, and links to other commentary.  CircleID       Techdirt

The three strikes concept just won’t go away either.  Basically it allows or requires sites or internet access to be shut down based on unproven allegations they are used for infringement.  A new proposed US bill would do that.  See the CircleID link above for their take on that.

Mike Masnick of Techdirt puts that bill in perspective by saying that the same logic used by the proponents of the bill would have in the past banned Hollywood itself, the recording industry, radio, the DVR, and other ubiquitous things.

UPDATE: Also see the EFF take on the backdoor bill.

That’s the title of my Slaw post for today.  It reads as follows.

There has been a lot of press over the latest countries that don’t want Blackberries in their country unless they can get access to monitor user communications.  See, for example, the Washington Post, Techdirt, Engadget.

RIM designed Blackberry communications so they would be secure, in a way that RIM itself can’t even access them.  That’s a great feature that makes privacy advocates, corporate users, and individual users very happy. 

But it also makes some governments very unhappy – particularly those who believe they need to spy on communications.   Some to the extent that they threaten to ban use in their countries unless they get the access they want.   Those countries feel the need to monitor for illegal activity, or for anti-government sentiment that we in North America would consider basic free speech.   And the threat to ban irks governments like the US, because it affects US government officials and users that travel to those countries, and offends their views of free speech and individual empowerment.  The attitude of most of us in North America is that those governments should just lighten up and stop trying to suppress or control the thoughts and activities of people.

But we can’t forget that this is all a matter of degree.   US and Canada ”lawful access” advocates want ways for law enforcement to access electronic communications to fight criminals and terrorists, and have similar concerns about encryption that modern communications technology provides.  Law enforcement has always been able to do things like wiretaps with judicial oversight that requires some standard of reasonable cause before it happens.  (Although one is often suspicious about what wholesale monitoring is done at the national security level of things.)

We need to think these things through very carefully in terms of what access is truly needed and effective to fight crime, and what is merely security theatre.  Also what kind of rules, oversight, checks, and balances must go along with law enforcement access in order to balance that against rights to privacy and confidentiality.

For the London Free Press – Mar 3, 2010

Read this on Canoe

General public, especially Muslims, likely unintended target of move by U.K. police to monitor customers’ web travels

Internet cafes in the United Kingdom are the latest victims of privacy invasive counter terrorism measures. Scotland Yard recently asked Internet cafe owners to monitor customers’ use of public computers. The authorities are encouraging owners to check activity on their computers and keep an eye on any suspicious activity.

Yet police say it’s not about asking Internet cafe owners to spy on their customers.

These measures seem unreasonable and privacy invasive, and are likely to be ineffective.

This is similar to monitoring calls on a public phone, it has been pointed out.

Surely a criminal or terrorist using an Internet cafe would be savvy enough to hide their tracks.

Unfortunately, the general public will likely be the unintended victims of this initiative, similar to the suspicions raised against average people taking photographs in public places.

As Simon Davies, director of U.K.-based Privacy International, has said, “What you’re going to end up with is a lot of people reporting Muslims in Internet cafes.”

Police have stated that Internet cafes often have been used by terrorists and other criminals in order to evade police surveillance. The police noted that the men behind the plot to blow up U.S.-bound passenger jets with liquid explosives secreted into soft drink containers used an Internet cafe to plan their attack.

Posters and computer desktop images of Scotland Yard’s logo are being distributed to Internet cafes. They are sternly worded, warning customers against viewing “inappropriate or offensive content,” and stating “breaching the above will result in the user’s Internet access being terminated immediately and, where appropriate, the police being informed.”

This latest initiative can be seen as an extension of the suspicious attitude the UK police have against public photography. There are many reports that average people with cameras often are accused of suspicious activity, just for taking photographs.

In response to public outrage at police searching people’s cameras, Scotland Yard posted the following note on their website under “Photography Advice:”

“Officers have the power to view digital images contained in mobile telephones or cameras carried by a person searched under S43 of the Terrorism Act 2000 to discover whether the images constitute evidence that the person is involved in terrorism. Officers also have the power to seize and retain any article found during the search which the officer reasonably suspects may constitute evidence that the person is a terrorist. This includes any mobile telephone or camera containing such evidence.”

The official suspicion about photographers seems ironic in a nation having a massive number of surveillance cameras to watch the public’s every move.

One has to wonder whether the invasion of privacy, and the air of suspicion and fear such measures foster, is worth it, and whether these measures do anything at all to increase public safety, or are mere security theatre.