Friday, October 30, 2009

Comment: This Week on 'the Surveillance State'

There was a really interesting discussion of the DNA Database and the prospect of the 'Surveillance State' on UK politics show This Week last night. The show's hosts include MPs Diane Abbott (Labour) and Michael Portillo (Conservative).

Nobody wanted to defend the increased use of surveillance, and the (to my mind crucial) issue of the chilling effect on civic engagement got an airing, but what I found really interesting was the analysis of politician's (lack of) role in this process. In particular Abbott focused on the fact that very few of the measures discussed have actually had a chance to be debated by the legislature, while recent ministers in the executive see their role as arguing for government policy rather than running their government departments, leaving career civil servants a lot of influence over day to day governance.

Portillo makes another interesting claim: politicians tend to be risk averse, and thus much of what looks like an aggressive pursuit of 'a surveillance state' is rather politicians wishing to avoid any possibility of criticism or sense of liability for occasions where a criminal can't be caught who might have been with the help of CCTV, or the DNA database say. It is because the argument against increases in surveillance is more difficult to make, that Britain has drifted in this direction, rather than because this necessarily reflects the politicians' assessments of the principles involved.

Wednesday, October 28, 2009

Dutch Police Don't Know How to Delete Intercepted Calls

From Slashdot:

"The law in the Netherlands says that intercepted phone calls between attorneys and their clients must be destroyed. But the Dutch government has been keeping under wraps for years that no one has the foggiest clue how to delete them (Google translation). Now, an email (PDF) from the National Police Services Agency (KLPD) has surfaced, revealing that the working of the technology in question is a NetApp trade secret. The Dutch police are now trying to get their Israeli supplier Verint to tell them how to delete tapped calls and comply with the law. Meanwhile, attorneys in the Netherlands remain afraid to use their phones."

News: New Kind of Body Scanner Researched

From CNN: Homeland Security in the US is funding research for a new kind of body scanner. Named 'Future Attribute Screening Technology', or FAST, instead of directly detecting criminal activity the scanners which would measure 'natural signals from the body' - things like heart rate, breathing, body temperature and fidgeting - to determine whether the subject was suspiciously nervous, say. The project has come in for some criticism:

Civil liberties groups maintain this screening technology is an invasion of privacy.

"Nobody has the right to look at my intimate bodily functions, my breathing, my perspiration rate, my heart rate, from afar," said Joe Stanley of the ACLU.

How to Use Surveillance

Via privacydigest.com - there's an interesting National Public Radio story on the investigation that has led to terrorism charges against Najibullah Zazi, a Denver area shuttle bus driver. It's being claimed that this is a textbook case for showing how surveillance techniques are used in successful cases:

Officials say FBI agents in Denver and New York had been tracking Zazi for some time — and experts analyzing the case say the way law enforcement gathered evidence against Zazi and possible co-conspirators may be a textbook case of how to conduct a terrorism investigation. The FBI used a blend of wiretaps and subpoenas, search warrants and local police, among other things, to build its case.

"I think what's striking about the Zazi case is not so much that new tools were being used, but that old tools were being used in a comprehensive fashion," says Sam Rascoff, who used to work terrorism cases for the New York Police Department's intelligence unit. "And that they were being stitched together in a thoughtful, strategic way, so that one tool naturally gave way to another."

Monday, October 19, 2009

News: More on facial recognition technology

According to a report from USA Today, the FBI has begun trials of facial recognition technology in North Carolina. Reportedly, the trials helped to identify a suspect to a double homicide who had seemingly relocated to North Carolina from California and assumed a false name. FBI officers took a photo from the suspect’s California driver’s license and ran it against the photos contained in North Carolina’s Department of Motor Vehicles database. From “dozens” of potential matches, an FBI investigator zeroed in on one particular individual. That individual has now been placed under arrest. Marc Rotenberg of EPIC, however, questioned how effective the use of such technologies will be in counter-terrorist efforts since good photos of terrorists will rarely be available in DMV databases or elsewhere.

Wednesday, October 14, 2009

Comment: 'Naked' Scanners on Trial

There's a good post at SpyBlog on the news of Manchester Airport's trial of Rapiscan's 'Naked' Body Scanners. The post makes a number of claims:
  • There's no 'safe' amount of ionising radiation.
  • The fact that the 'viewer' is hidden in another room, a measure designed to make the process less invasive, raises some new problems. If you can't see them, for one thing there's no way the public can know whether they're being 'examined' by a man or a woman: for some people that is going to be a big deal, and may be particularly problematic for certain cultural or religious minorities.
  • Defenders say no copies can be made of the 'naked' images (this has been repeated in a series of articles that have then illustrated the story with a digital camera screen grab). The system runs on a computer, so it seems inescapable that anyone with maintenance access has access to the images. Also, if the viewers are going to be in a separate room, how are they going to be prevented from taking pictures with a camera or mobile phone? Further surveillance, perhaps with CCTV cameras? I think setting up a system which is sufficiently thorough to rule out this sort of abuse without itself transmitting a further copy of the scanned passenger's picture is going to be difficult.
  • The use of these machines on children may actually be a violation of the 'draconian, inflexible and often bureaucratically misinterpreted Protection of Children Act 1978'. I don't know whether this interpretation of the law is correct (the wikipedia article linked to lists 'prevention, detection or investigation of crime' as a legitimate defence). Regardless, it is striking that the law should be so intensely relaxed about children's naked bodies being on display as soon as the word 'security' is mentioned.

News: 'Naked' Scanners Now on Trial at UK Airport

From BBC news: Rapiscan Body Scanners are under trial at Manchester Airport. The scanners reveal clear images of any concealed weapons or explosives. However they also reveal clear images of the naked body - and any surgery, piercings or disabilities the person being scanned might have.

Manchester Airport have defended the trial, pointing out that the images are viewed in a different room from where the scanning takes place, breaking the link between the 'naked picture' and the person in question. They also point out that that pictures will not be stored.

Sarah Barrett, head of customer experience at the airport, said most passengers did not like the traditional "pat down" search.

At Manchester Airport's Terminal 2, where the machine has been introduced, passengers will no longer have to remove their coats, shoes and belts as they go through security checks.

Ms Barrett said: "This scanner completely takes away the hassle of needing to undress."

Monday, October 12, 2009

News: Targeted Billboard Ads Using DVLA Data

From Spyblog: The Mail reports that Castrol, the motor oil company, has been conducting an innovative advertising campaign - they were using giant billboards to display targeted messages directing a particular vehicle to use specified fuel. A typical message you can see in the article reads ' 1 DF L The right oil for your car is: Castrol Magnatec 5W-30 A1'.

The campaign was making novel use of Automatic Number Plate Recognition technology, but the big question is how Castrol has come by the data about the drivers held by Driver and Vehicle Licensing Agency. The DVLA sells the data it holds on 34,000,000 drivers to a number of organisations. The article reports that sources admit that in this case the data was passed on from one of these to a third-party contractor who then themselves sold it in contravention of the ban on using registration numbers for marketing purposes:

Liberal Democrat transport spokesman Norman Baker said: ‘This completely inappropriate and unacceptable behaviour by the DVLA shows how cavalier it is with motorists’ information.
‘They don’t even check what the end use is. It seems all you have to do is ask and the DVLA will give, no matter who you are and for what purpose. It’s outrageous this was allowed to happen.’
The row is a fresh embarrassment for the DVLA and raises new questions about how highly sensitive drivers’ information is handled by the agency.
The Mail on Sunday has previously revealed that the agency was selling motorists’ names and home addresses to convicted criminals. In the past five years the DVLA has earned £15million from selling the names and addresses of more than six million motorists.

Wednesday, October 7, 2009

Comment: Lies and Faces

The ABA Journal has published an interesting article on ongoing efforts to develop a better lie detector. Particular focus is placed on the use of various technologies such as EEGs and MRI to obtain a picture of brain activity. But the article also discusses the use of technology to examine eye movement and detect minute changes in facial expression. A number of critics have questioned the reliability of such methods. Given that the article appears in a publication of a lawyers’ professional association, it is not surprising that it places particular emphasis on the potential use of these technologies to develop evidence to be used in criminal prosecution. But, are there other ways that these methods might be implemented in the counter-terrorist context? Many of us have been put through little interview sessions at the airport during “heightened threat levels” before being permitted to board a flight. The idea behind these interviews being that the observation of our behavior when answering these questions as well as the actual content of the answers themselves might give us away if we have anything sinister planned. Immigration officials also generally ask us some questions before allowing us to enter a different country – although these interviews have a broader purpose than merely trying to ferret out terrorists. Might some government decide these interviews could be made more effective if we were having our brain activity, eye or facial movements scanned while they were being carried out?

On the subject of facial recognition technology, this area seems to be getting more and more attention, particularly in the security sector. There’s been a project at the University of Zurich which examined facial expression and emotion as well as their relevance for facial recognition technology. In order to be effective, this kind of technology will have to match faces that change in all manner of ways in the course of everyday human activity to static ID-photos that have been recorded in a database.

There’s also been a thread of research that has aimed at developing technology that can detect "abnormal behavior" or emerging dangerous situations - see for instance John's earlier post on INDECT. I can see how these two threads could merge where facial recognition technology would be used not only for identification but also in threat detection: i.e., the attribution of certain emotions to facial images could be used to determine whether dangerous or abnormal behavior is present.

Thursday, October 1, 2009

News: Zurich Police Regulations Regarding Surveillance Ruled Unconstitutional

The Swiss Federal Court has ruled that certain amendments to Zurich cantonal police regulations that pertain to surveillance are unconstitutional. According to a story in the Neuer Zürcher Zeitung, provisions concerning both the scope of surveillance and the duration for which surveillance footage might be preserved were among those which the court deemed to be in violation of constitutional protections. The court found that the amendments would permit both plain and covert surveillance throughout all public spaces within the Canton and that this lack of constraint represented an impermissible encroachment upon the freedom and private sphere of citizens. Another provision would have permitted film footage from surveillance activities to be preserved for up to a year or until related investigations had been concluded. According to the NZZ, the court held that the maximum period for preservation of such records is 100 days, thus demonstrating agreement with a decision which had been reached two years earlier in a case from the Canton of St. Gallen.