US bills introduced to wiretap the net, and arbitrarily shutdown alleged infringers

We get upset when governments outside of North America insist on being able to monitor internet based communications.   But we shouldn’t get too smug about it, as the same thing happens in North America.  See these posts that talk about a new attempt to legislate backdoor internet access in the US, why its a problem, and links to other commentary.  CircleID       Techdirt

The three strikes concept just won’t go away either.  Basically it allows or requires sites or internet access to be shut down based on unproven allegations they are used for infringement.  A new proposed US bill would do that.  See the CircleID link above for their take on that.

Mike Masnick of Techdirt puts that bill in perspective by saying that the same logic used by the proponents of the bill would have in the past banned Hollywood itself, the recording industry, radio, the DVR, and other ubiquitous things.

UPDATE: Also see the EFF take on the backdoor bill.

RIM Blackberry security irks UAE, Saudi Arabia

That’s the title of my Slaw post for today.  It reads as follows.

There has been a lot of press over the latest countries that don’t want Blackberries in their country unless they can get access to monitor user communications.  See, for example, the Washington Post, Techdirt, Engadget.

RIM designed Blackberry communications so they would be secure, in a way that RIM itself can’t even access them.  That’s a great feature that makes privacy advocates, corporate users, and individual users very happy. 

But it also makes some governments very unhappy – particularly those who believe they need to spy on communications.   Some to the extent that they threaten to ban use in their countries unless they get the access they want.   Those countries feel the need to monitor for illegal activity, or for anti-government sentiment that we in North America would consider basic free speech.   And the threat to ban irks governments like the US, because it affects US government officials and users that travel to those countries, and offends their views of free speech and individual empowerment.  The attitude of most of us in North America is that those governments should just lighten up and stop trying to suppress or control the thoughts and activities of people.

But we can’t forget that this is all a matter of degree.   US and Canada ”lawful access” advocates want ways for law enforcement to access electronic communications to fight criminals and terrorists, and have similar concerns about encryption that modern communications technology provides.  Law enforcement has always been able to do things like wiretaps with judicial oversight that requires some standard of reasonable cause before it happens.  (Although one is often suspicious about what wholesale monitoring is done at the national security level of things.)

We need to think these things through very carefully in terms of what access is truly needed and effective to fight crime, and what is merely security theatre.  Also what kind of rules, oversight, checks, and balances must go along with law enforcement access in order to balance that against rights to privacy and confidentiality.

Internet cafe surveillance ‘security theatre’

For the London Free Press – Mar 3, 2010

Read this on Canoe

General public, especially Muslims, likely unintended target of move by U.K. police to monitor customers’ web travels

Internet cafes in the United Kingdom are the latest victims of privacy invasive counter terrorism measures. Scotland Yard recently asked Internet cafe owners to monitor customers’ use of public computers. The authorities are encouraging owners to check activity on their computers and keep an eye on any suspicious activity.

Yet police say it’s not about asking Internet cafe owners to spy on their customers.

These measures seem unreasonable and privacy invasive, and are likely to be ineffective.

This is similar to monitoring calls on a public phone, it has been pointed out.

Surely a criminal or terrorist using an Internet cafe would be savvy enough to hide their tracks.

Unfortunately, the general public will likely be the unintended victims of this initiative, similar to the suspicions raised against average people taking photographs in public places.

As Simon Davies, director of U.K.-based Privacy International, has said, “What you’re going to end up with is a lot of people reporting Muslims in Internet cafes.”

Police have stated that Internet cafes often have been used by terrorists and other criminals in order to evade police surveillance. The police noted that the men behind the plot to blow up U.S.-bound passenger jets with liquid explosives secreted into soft drink containers used an Internet cafe to plan their attack.

Posters and computer desktop images of Scotland Yard’s logo are being distributed to Internet cafes. They are sternly worded, warning customers against viewing “inappropriate or offensive content,” and stating “breaching the above will result in the user’s Internet access being terminated immediately and, where appropriate, the police being informed.”

This latest initiative can be seen as an extension of the suspicious attitude the UK police have against public photography. There are many reports that average people with cameras often are accused of suspicious activity, just for taking photographs.

In response to public outrage at police searching people’s cameras, Scotland Yard posted the following note on their website under “Photography Advice:”

“Officers have the power to view digital images contained in mobile telephones or cameras carried by a person searched under S43 of the Terrorism Act 2000 to discover whether the images constitute evidence that the person is involved in terrorism. Officers also have the power to seize and retain any article found during the search which the officer reasonably suspects may constitute evidence that the person is a terrorist. This includes any mobile telephone or camera containing such evidence.”

The official suspicion about photographers seems ironic in a nation having a massive number of surveillance cameras to watch the public’s every move.

One has to wonder whether the invasion of privacy, and the air of suspicion and fear such measures foster, is worth it, and whether these measures do anything at all to increase public safety, or are mere security theatre.

Schneier article: Spy cameras won’t make us safer

Security expert Bruce Schneier wrote an article for CNN entitled “Spy cameras won’t make us safer” that’s worth reading.

His basic premise is:

Pervasive security cameras don’t substantially reduce crime. This fact has been demonstrated repeatedly: in San Francisco, California, public housing; in a New York apartment complex; in Philadelphia, Pennsylvania; in Washington; in study after study in both the U.S. and the U.K. Nor are they instrumental in solving many crimes after the fact.

 

 

Airport security – are body scanners the right solution?

Is the headlong rush to install body scanners in airports:

(a) an effective way to stop dangerous weapons getting on aircraft?

(b) a kneejerk reaction to the attempted underwear bombing?

(c) A massive, expensive invasion of privacy with no real benefit?

(d) More security theatre that makes it appear that something is being done, but accomplishes nothing?

(e) Wasting time and resources that could address the issue in more effective ways?

(f) Causing far more harm and inconvenience to air travellers than is justified by the small chance it will make a difference?

(g) Closing the barn door after the cows have all left?

These are questions we should be asking.   Here’s some food for thought:

From David Fraser:

http://www.privacylawyer.ca/blog/2010/01/pantsbomber-revives-debate-over-body.html

http://www.privacylawyer.ca/blog/2010/01/we-need-debate-on-privacy-impact-of.html

http://www.privacylawyer.ca/blog/2010/01/scary-and-funny-undressing-naked-truth.html

http://www.privacylawyer.ca/blog/2010/01/alberta-privacy-commissioner-has-some.html

UPDATE: As I was typing this, David added a good article on this topic on Slaw:  http://www.slaw.ca/2010/01/08/a-real-debate-about-privacy-and-security/

From Bruce Schneier:

http://www.schneier.com/blog/archives/2010/01/nate_silver_on.html

http://www.schneier.com/blog/archives/2010/01/another_contest.html

http://www.schneier.com/blog/archives/2010/01/airport_securit_12.html

Did US border policies scupper the Chicago Olympic bid?

It is being suggested that IOC concern over US border policies may have been a significant factor in Chicago not getting the 2016 Olympics. 

Canadians and the Canadian government have been critical of the new, tougher US border policies.   Perhaps another instance where the risk/reward of security procedures is out of whack – and where security theatre has trumped the actual need.

Border Crossings and Laptops – I don’t get it

That’s the title of my Slaw post for today.  It reads as follows:

Simon posted US Homeland Security’s new rules on laptop searches for those crossing the border into the US. While there are some guidelines, they basically have the unfettered discretion to look at everything that is on one’s laptop.

Frankly, I don’t get it. It strikes me as a total waste of time and effort on their part. It inconveniences and intrudes on normal people crossing the border – with little chance of finding any terrorist or criminal information. And how are issues like trade-mark and copyright infringement relevant to crossing the border?

This strikes me as more security theatre.

The press release says in part:

“Keeping Americans safe in an increasingly digital world depends on our ability to lawfully screen materials entering the United States,” said Secretary Napolitano. “The new directives announced today strike the balance between respecting the civil liberties and privacy of all travelers while ensuring DHS can take the lawful actions necessary to secure our borders.”

Searches of electronic media, permitted by law and carried out at borders and ports of entry, are vital to detecting information that poses serious harm to the United States, including terrorist plans, or constitutes criminal activity—such as possession of child pornography and trademark or copyright infringement.

The new directives will also allow DHS to develop automated, comprehensive data collection and analytic tools to facilitate accurate, thorough reporting on electronic media searched at the border, the outcomes of those searches and the nature of the data searched—further enhancing transparency and accountability.

I tend to agree with the views of Mike Masnick of Techdirt. He comments in part:

I, like many others, have no problem with border searches of actual physical containers and luggage at the border. That makes perfect sense, because it’s physical goods that you’re purposely trying to bring directly into the country. You packed them with the specific idea of bringing them into the country.

But stuff on your laptop is different in two very important ways:

1.You mostly store everything on your laptop. So, unlike a suitcase that you’re bringing with you, it’s the opposite. You might specifically choose what to exclude, but you don’t really choose what to include.
2.The reason you bring the contents on your laptop over the border is because you’re bringing your laptop over the border. If you wanted the content of your laptop to go over the border you’d just send it using the internet. There are no “border guards” on the internet itself, so content flows mostly freely across international boundaries. Thus if anyone wants to get certain content into a country via the internet, they’re not doing it by entering that country through border control.

Thus, it makes little sense for border control to search the contents of your laptop other than if the gov’t wants a random “free pass” at checking out some content about you.
… The whole claim that this has anything to do with screening materials entering the US is totally bogus.

Cameras as security theatre

Techdirt and Slashdot comment that some people have placed images of license plates belonging to people they are not fond of on their own cars, then speeding by photo radar, resulting in the other person getting a ticket. 

Techdirt’s spin on this:

In general, we have trouble with things like speed cameras and red light cameras — both of which don’t tend to do much of anything to make the roads safer (rather, there’s evidence that they lead to more accidents). The reality is that they are really about boosting revenue for local governments, not about safety — which explains why plenty of places have been found illegally changing parameters to make them bring in more revenue.

Seattle Camerahead CCTV protest

Boing Boing has a post about a protest in Seattle tomorrow.  People upset at the growing number of CCTV cameras will walk around with huge CCTV cameras on their heads to bring atention to it.   The organizer is quoted as saying:  “The project not only raises the questions of who is watching who and who is watching the watchers, but also … why we are being watched at all”

I guess you could call this security theatre about security theatre.

Read the Boing Boing post

Privacy Commissioner commissions research into public surveillance

The Federal Privacy Commissioner has initiated some research into public surveillance.   From the Privacy commissioner’s blog:

We’ve decided to commission research into how developments in public surveillance techniques and technology are affecting Canadians, individually and as a society. First off, Queen’s University will be examining the proliferation of surveillance cameras across the country, and report on the trends in the use of public surveillance – although it seems as if we are seeing more and more attempts to expand surveillance networks. As well, the University of Alberta will be taking a detailed look at whether privacy issues are being properly considered in the run-up to the 2010 Olympics.

I look forward to the results of that research.  I subscribe to the view that for the most part public CCTV is security theatre that does not have any significant effect on actual security.

Read the Comissioner’s post for more detail and insight into the issue.