Subscribe: Privacy
Added By: Feedage Forager Feedage Grade B rated
Language: English
american  cambridge analytica  data  facebook  government  information  law enforcement  law  people  police  privacy  states  surveillance 
Rate this Feed
Rate this feedRate this feedRate this feedRate this feedRate this feed
Rate this feed 1 starRate this feed 2 starRate this feed 3 starRate this feed 4 starRate this feed 5 star

Comments (0)

Feed Details and Statistics Feed Statistics
Preview: Privacy


All articles with the "Privacy" tag.

Published: Fri, 23 Mar 2018 00:00:00 -0400

Last Build Date: Fri, 23 Mar 2018 18:56:45 -0400


The Facebook-Cambridge Analytica 'Scandal' Is a Nothingburger

Fri, 23 Mar 2018 00:15:00 -0400

What the Facebook-Cambridge Analytica scandal lacks in relevance it sure makes up for in melodramatic rhetoric. Take Bloomberg, for instance, which reported, "The revelations of the apparent skulduggery that helped Donald Trump win the 2016 presidential election keep sending shock waves across the political landscape." Well, it's partially true. Everyone is talking about it. The story has consumed most of the mainstream media. The theory goes something like this: Facebook obtained information on users who took a personality quiz with their online friends. Another outlet, the advertising firm Cambridge Analytica, harvested that information, brainwashed a bunch of rubes and then yada, yada, yada...Russia! Former Cambridge Analytica contractor Christopher Wylie told CNN that while at the company, he helped build a "psychological warfare weapon" to "exploit mental vulnerabilities that our algorithms showed that (Facebook users) had." So, in other words, he worked in the advertising business. Those who have covered politics for more than a single Trump cycle should know better than to use this kind of unnerving rhetoric for what amounts to nothing more than average microtargeting, which has been used by hundreds, if not thousands, of firms. Yet now, when it serves to bolster convoluted theories about an election having been overthrown, terms like "psychographics" and "breach" are being thrown around to make it sound like someone hacked into voter rolls after boring into the deepest recesses of our collective soul. Here's a thought: If you're uncomfortable with data mining and your information being shared, don't take surveys. Because, guess what, you don't have to be on Facebook. You don't have to use Twitter. You don't have a constitutional right to play FarmVille without answering a survey. You don't get free stuff. The very existence of social media and tech companies is predicated on mining data so that they, or third parties, can sell you things. That has always been the deal. Cambridge Analytica is a shady company owned by the British firm SCL Group—and, reportedly, in part by the right-wing-funding Mercer family—which claimed it could build models that identify persuadable voters by using six key personality types. Now it looks like Cambridge Analytica kept data it shouldn't have. Yet the effectiveness of Cambridge Analytica's targeting was as questionable as its business practices. As others have pointed out, most Republicans used the firm to open to door to the Mercers' checkbook. By constantly using the word "breach," reporters are trying to insinuate that someone stole voter data that typically was off-limits. Cambridge Analytica was allowed to pull that profile data. Facebook only changed its policy in early 2015. But before the general election, the Trump campaign dropped Cambridge Analytica for the Republican National Committee data, reportedly never using the any of the "psychographic" information. According to CBS News, in September 2016, it had "tested the RNC data, and it proved to be vastly more accurate." Even if the campaign hadn't, however, its efforts would have been akin to those being heralded as revolutionary when serving the interests of Democrats. In fact, Facebook allowed the Obama campaign to harvest data in the same way that is now generating headlines and handwringing. Do you remember any outrage and trepidation over the privacy and manipulation of your thoughts in 2012? The only consistent position the left seems to take these days is that the mechanisms it uses to keep power automatically transform into something nefarious and undemocratic when the opposition uses them. If anything, there should be concerned about the ideological double standards of yet another tech giant. Most of all, so what if voters were being "targeted"? Part of living in a free society means being bombarded by messages we don't like. The entire Facebook-Russiabots scare is predicated on the notion that people don't have free will. It's only once we start micromanaging the information Americans consume that we begin [...]

Omnibus Bill Chips Away at Citizens’ Abilities to Protect Data from Government Snoops Across the World

Thu, 22 Mar 2018 11:35:00 -0400

The omnibus spending bill Congress is considering right now isn't just about spending money we don't have and saddling future generations with debt. It's also about chipping away at their data privacy, too. Buried deep in the omnibus bill—we're talking 2,200 pages in—is legislation intended to give the feds access to data held by American companies overseas. It also will have the effect of making it easier for foreign countries to gain access to data being stored here in America, and that makes human rights and privacy groups very, very concerned. The Clarifying Lawful Overseas Use of Data Act, acronymed the CLOUD Act, seeks, in part, to resolve a current dispute between the Department of Justice and Microsoft that is before the Supreme Court. The feds want access to data connected to a drug trafficking suspect. This data is being stored in Dublin, Ireland, not on American soil, and therefore Microsoft has been resisting. The CLOUD Act would require that communication providers cough up this information even if the data is stored outside the United States, provided it's about an American citizen. That's not all the act does, and the rest of it has human rights groups worried about the implications. The act also changes and apparently simplifies the process for foreign governments to also request data about their citizens when that data is stored on American soil. It reduces the amount of bureaucratic oversight in the process and reduces the ability of Congress or the judicial branch to step in to potentially block data sharing with countries that have reputations for using this private information for oppressive purposes. As such, groups like the American Civil Liberties Union, Amnesty International, the Electronic Frontier Foundation, and Campaign for Liberty oppose the CLOUD Act. Over at The Hill, Neema Singh Guliani of the ACLU warned about the consequences of giving only a couple of high-ranking people in the executive branch the authority to determine which governments the United States would cooperate with: The bill would give the attorney general and the secretary of State the authority to enter into data exchange agreements with foreign governments without congressional approval. The country they enter into agreements with need not meet strict human rights standards – the bill only stipulates that the executive branch consider as a factor whether a government "demonstrates respect" for human rights and is similarly vague as to what practices would exclude a particular country from consideration. In addition, the bill requires that countries adopt procedures to protect Americans' information, but provides little specificity as to what these standards must include. Moreover, it would allow countries to wiretap on U.S. soil for the first time, including conversations that foreign targets may have with people in the U.S., without complying with Wiretap Act requirements. In a letter sent by the groups to lawmakers, they also warn that CLOUD Act doesn't include a warrant requirement for communications over 180 days old, meaning that it doesn't guarantee constitutional standards are followed, or require law enforcement to alert people when the government gets access to their data. Sen. Rand Paul (R-Kentucky) complained last night on Twitter about the CLOUD Act getting shoved into the omnibus bill so that there will be no debate about what it does. He clearly doesn't like it, nor does his bipartisan partner in online privacy, Sen. Ron Wyden (D-Oregon). Microsoft's president, however, supports it, because no doubt with this process in place, the company can point to it and not have to take responsibility (or legal liability) when a government violates somebody's rights.[...]

University of Virginia Hires 'Social Sentinel' to Monitor Students' Social Media Posts

Thu, 22 Mar 2018 11:05:00 -0400

In response to the torch-lit marches in Charlottesville last August, the University of Virginia signed an $18,500 annual contract with Social Sentinel, a private security firm, to monitor the social media accounts of its students and others. UVA began working with Social Sentinel in September to keep an eye on potentially dangerous campus activity. University officials and the UVA police force have assured the community this step is necessary for campus security, yet students and others are concerned about their privacy rights. "Enhanced technology is just one piece of the University's safety and preparedness efforts," Officer Ben Rexrode, the Crime Prevention Coordinator for the University Of Virginia Police Department, told Reason via email. "As the University grows and new standards for best in class operations evolve, we take steps to improve when prudent and appropriate." Using an algorithm, Social Sentinel scans social media accounts and targets threatening words, images and phrases included in Sentinel's "library of harm." When these terms or images are used in context with the university's name, location, or events, a report is sent to the police, who determine if the content merits further investigation. While officials consider the context of posts that are flagged, algorithms may fail to distinguish between dangerous phrases and phrases like "You're the bomb!" or "Nice shot!," leading to unnecessary tagging. It's also difficult to expect someone who is so far removed from a conversation to fully grasp what a student meant by a particular choice of words. Neither the algorithm nor the officers reading the material may understand what is said. "It's not so much that they're looking at your Twitter or your Instagram, it's casting a very wide net and getting metadata and producing a report," UVA Spokesperson Anthony de Bruyn told The Cavalier Daily. Yet once a report is drawn up about a particular post, officers are able to read and view students posts, be they on Twitter or Instagram. So while Big Brother is not actively scrolling through students' feeds, officers have records of conversations that students or other persons may have preferred to keep from the government. Social Sentinel told The Daily Progress it does not archive the data it scans, but university police officials said the department would record and store any alerts that prompted police action. "The University has not confined the scanning to any particular group," said Rexrode."The service can only view publicly viewable sources; it cannot see private or direct messages, or accounts set to private. The service merely aggregates publicly available information." This betrays a serious limitation: Persons who wish to do harm often plot and exchange information in private chat groups, via text message, or in other online forms that wouldn't be accessed by this technology. UVA officials say Social Sentinel's mass data collection has allowed authorities to prevent some campus events, including instances of self-harm, but Social Sentinel is scanning everyone's data in order to do so. This raises obvious concerns for civil libertarians. "We see a trend in law enforcement in general to want to employ new technology before we really understand all of the implications of that technology," Bill Farrar, the Director of Strategic Communications for ACLU of Virginia, told Reason. "While we don't object to use of technology in law enforcement, we do object to usage policies and practices that violate people's expectation of privacy and other civil liberties. We are opposed to any sort of mass government surveillance for any future law enforcement services. "Law enforcement is essentially grabbing everyone's data and holding on it, just in case they might need it for some future unspecified purpose," said Farrar. "We don't think that's right—and it's not just students' data that's being monitored, it's anyone on that campus who posts on social media. They are being watched, and that's a problem." If servi[...]

Cambridge Analytica Was Doing Marketing, Not Black Magic

Mon, 19 Mar 2018 13:20:00 -0400

A little-known company called Cambridge Analytica (CA) is at the center of a breaking story about Facebook, the Trump campaign, and possibly shady data exchanges. But it's unclear whether CA did anything wrong here, or if it was just engaged in the kind of micro-targeted marketing common in consumer and political campaigns. On Sunday, Facebook announced that it had suspended the accounts of CA and its parent company, Strategic Communication Laboratories (SCL). "In 2015, we learned that a psychology professor at the University of Cambridge named Dr. Aleksandr Kogan lied to us and violated our Platform Policies by passing data from an app that was using Facebook Login to SCL/Cambridge Analytica [and to] Christopher Wylie of Eunoia Technologies," explained Facebook VP Paul Grewal in a statement. Facebook Login lets websites and apps offer the option to sign in using your Facebook account, and it lets them request and obtain data from those who do. Kogan had created a personality-test app that was download by around 270,000 people, according to Facebook. This, Facebook says, gave Kogan access to such user info as "the city they set on their profile, or content they had liked, as well as more limited information about friends who had their privacy settings set to allow it." All of this is standard. Where Kogan crossed a line and violated Facebook's terms of service was in passing this information on to third parties. When Facebook found this out, it suspended Kogan's Login account and demanded he, CA, and Wylie delete the data; all confirmed that they did. But now Facebook says it has reason to suspect that "not all data was deleted." What's lifted this story into big news territory is the fact that the Trump campaign hired Cambridge Analytica in the summer of 2016. Senate Intelligence Committee members immediately called for more regulation of digital political advertising and more investigations. Sen. Amy Klobuchar (D-Minnesota) wants Mark Zuckerberg to appear before a Judiciary panel. Meanwhile, the U.K.'s Information Commissioner's Office announced this morning that it's launching its own investigation. State prosecutors are wading in too. Both U.S. and U.K. officials say they're concerned that Facebook didn't notify users about Kogan's "breach." But Facebook Chief Security Officer Alex Stamos insisted in a series of now-deleted Saturday tweets that calling it a breach was wrong: See more from Stamos here. CA issued its own series of sassy tweets, starting with "Reality Check: Cambridge Analytica uses client and commercially and publicly available data; we don't use or hold any Facebook data." It said the company "did not use any Facebook data for the 2016 Trump campaign" and opined that "advertising is not coercive; people are smarter than that." "This isn't a spy movie," CA continued. "We're a data analytics company doing research & analysis on commercial, public and data sets for clients" that span "the political mainstream." It also pointed out that Barack Obama's 2012 presidential campaign was "famously data-driven" and "pioneered microtargeting" of the sort CA does. Critics of the kerfuffle over CA's actions have also been pointing to the Obama campaign. In late 2014, Facebook shifted its policy to prevent future campaigns from using the same sort of "sophisticated social targeting"—heralded then as "a powerful new form of voter outreach"—that Obama data gurus had employed. If you're hysterical about privacy on principle, fine. But the reason people are up in arms is because someone they dislike did it. When Obama did it, people thought it was cool. — Patrick Ruffini (@PatrickRuffini) March 19, 2018 CA says it didn't use the Facebook data to target potential Trump voters, and it says it didn't know that Kogan wasn't supposed to share the data his app had collected. But even if it did use the data that way, and even if it did know where it came from, the only real violation would be using Facebook user data[...]

No Fourth Amendment Protections Against Warrantless Cell Phone Searches at U.S. Border, Says Federal Court

Fri, 16 Mar 2018 15:50:00 -0400

In its 2014 decision in Riley v. California, the U.S. Supreme Court held that law enforcement officials violated the Fourth Amendment when they searched an arrestee's cell phone without a warrant. "Modern cell phones are not just another technological convenience," Chief Justice John Roberts wrote for the majority. "With all they contain and all they may reveal, they hold for many Americans 'the privacies of life.' The fact that technology now allows an individual to carry such information in his hand does not make the information any less worthy of the protection for which the Founders fought."

But what about when an American citizen is returning home from abroad and U.S. border officials want to thoroughly search the contents of that person's cell phone? Does the Fourth Amendment require the government to get a warrant before searching cell phones at the border? According to a decision issued this week by the U.S. Court of Appeals for the 11th Circuit, the answer to that question is no.

The 11th Circuit's ruling came in the matter of United States v. Vergara. Hernando Vergara is a U.S. citizen who was returning home from a cruise to Mexico. Because of a prior conviction for possessing child pornography, a Customs and Border Protection officer searched his luggage, including the three cell phones that Vergara was carrying. One of those phones contained "a video of two topless female minors." The Department of Homeland Security entered the picture at that point. Vergara's cell phones were taken away to a DHS facility where they were subjected to a warrantless forensic search, which typically involves retrieving deleted files and other significant inspections of the phone's digital records. DHS discovered child pornography on Vergara's phones.

Vergara and his lawyers argue that this evidence should be deemed inadmissible because the government never obtained a search warrant. His position is based in significant part on the increased privacy protections for cell phone users that the Supreme Court recognized in Riley v. California.

But a divided panel of the 11th Circuit took a different view. "The forensic searches of Vergara's cell phones occurred at the border, not as searches incident to arrest," declared the majority opinion of Judge William H. Pryor. "And border searches never require a warrant or probable cause."

Writing in dissent, Judge Jill Pryor wrote that while she agrees "with the majority that the government's interest in protecting the nation is at its peak at the border," she disagrees "with the majority's dismissal of the significant privacy interests implicated in cell phone searches." In Riley, she noted, the Supreme Court recognized "the significant privacy interests that individuals hold in the contents of their cell phones." And in her view, "the privacy interests implicated in forensic searches are even greater than those involved in the manual searches at issue in Riley." If it were up to her, "a forensic search of a cell phone at the border [should require] a warrant supported by probable cause."

One thing is clear: We have not heard the last of this debate. Either this case, or one very much like it, is almost certainly headed for the Supreme Court.

City Orders Businesses to Join Its Police Surveillance System

Tue, 20 Feb 2018 12:25:00 -0500

City leaders in Saginaw, Michigan, are drafting local shops into the crime-fighting business. The city has ordered local businesses to install video cameras and to turn over footage to the police on demand. Saginaw City Council voted unanimously yesterday to pass an ordinance requiring certain types of businesses (with "characteristics which may tend to increase the risk of criminal activity on their premises") to install a minimum of three surveillance recording cameras. These must be in operation whenever the business is open, and one camera must be positioned to record the face of each person entering or leaving. Not all businesses are covered by the new rules, but if you spend time in Saginaw, you're likely to walk into one of these places. Besides some obvious choices—banks, gun shops, check-cashing businesses—the ordinance covers all hotels, gas stations, pharmacies, cell phone dealers, and places that sell liquor (or allow liquor to be consumed on the premises, like a banquet hall). All these businesses will have a year to install their surveillance systems, subject to approval and inspection by the Saginaw Police Department. Then, if "a crime occurs" involving the business (the ordinance is written very vaguely), the establishment will provide the recording of the incident to the police. If the business resists, police will attempt to get a search warrant. Businesses are required to retain all recordings for at least 30 days; if the police contact them about a crime, they have to retain their recordings of the incident for at least 60 days. Businesses will be subject to inspections of their surveillance systems whenever the chief of police damn well pleases. The new law states the chief or a designee can inspect the system at any "reasonable" time to make sure it's in compliance with the city ordinance, which also seems like a nice way of getting around any demand by a business that police get a warrant to review footage. Police could also use such a demand to access surveillance for purposes other than investigating a crime. You would think that the city of Saginaw, population around 50,000, must be in the midst of a massive crime wave. The opposite is true. While Saginaw's violent crimes historically are far above average, overall crime in the city has dropped significantly over the past decade. As in many other American cities, Saginaw's crime is on the decline and has been for a while. But that's not enough for city leaders who want to force businesses to install (and pay for) equipment that lets the police snoop on folks. A recent beating and robbery of a 65-year-old woman captured on surveillance footage in Saginaw is being used to make the case that video recording devices should be mandatory. Saginaw Police Chief Bob Ruth claims businesses can get compliant surveillance systems for $300–$350. This quote from Ruth, in Michigan Live, has a confounding use of "we," which seems to indicate that Ruth doesn't even recognize that private businesses are not there to do the city's bidding: "I think the extra work that we're doing is far outweighed by the quality of work we're going to get in the end, on the way we'll be able to solve cases. It's really going to help us." [emphasis added] Those who attempt to defy the city's ordinance will face fines for each day they are out of compliance. And eventually they could lose their business licenses. It's not unusual for a city or a police department to attempt to force a business to shell out for surveillance equipment and other costly security demands when violent crime or drug dealing frequently takes place on or near the premises. Officials use "nuisance abatement" procedures and zoning rules to essentially force them to help the police or get shut down. It's less common for a city to make these demands in advance and absent any evidence that a particular business is a crime incubator. Ruth says he's gotten good feedback fr[...]

3 Supreme Court Cases to Watch This Month

Fri, 16 Feb 2018 09:15:00 -0500

February is shaping up to be quite a month at the U.S. Supreme Court. In the coming weeks, the justices will hear oral arguments in cases that tackle such contentious issues as the constitutionality of compulsory public-sector union fees, whether the First Amendment protects the wearing of certain political attire at the ballot box, and whether Microsoft must comply with federal warrants issued for email accounts whose data is stored overseas. Here are three Supreme Court cases to watch this month. 1. Janus v. American Federation of State, County, and Municipal Employees, Council 31 In the 1977 case of Abood v. Detroit Board of Education, the Supreme Court said that state governments may compel government workers to pay union fees as a condition of employment, even when those workers are not union members. The Court did so on the grounds that nonmember "free riders" should not be allowed to benefit from a public-sector union's collective bargaining activities. Later this month, the Supreme Court will hear oral arguments in a case that asks whether Abood should be overruled. The case is Janus v. American Federation of State, County, and Municipal Employees, Council 31. Mark Janus, an Illinois public-sector employee, objects to being forced to pay fees to a union that he has refused to join, arguing that such compulsion violates his First Amendment rights by making him subsidize the union's political speech and activities. The American Federation of State, County, and Municipal Employees, by contrast, argues that the Abood precedent "is sound and underlies important and longstanding tenets of this Court's First Amendment jurisprudence," such as the idea "that certain labor-relations interests justify the small intrusion on employees' First Amendment interests that fair-share payments represent." Oral arguments in Janus v. American Federation of State, County, and Municipal Employees, Council 31 are scheduled for February 26. 2. United States v. Microsoft Corporation The Stored Communications Act (SCA) of 1986 contains several provisions designed to safeguard private communications that are held "in electronic storage." Among them is a requirement that law enforcement officials may only obtain the contents of such communications "pursuant to a warrant." In 2013, federal authorities obtained a warrant for the contents of a drug suspect's Microsoft email account. But Microsoft refused to comply and moved to quash the warrant. Why? Because the email records in question happened to be stored in the company's datacenter in Dublin, Ireland. As Microsoft argues in its brief in United States v. Microsoft Corporation, "because statutes apply only domestically unless Congress clearly indicates otherwise, the SCA should be read to apply only to electronic communications stored here, just as other countries' laws govern electronic communications stored on their soil." The federal government takes the opposite view. Under the Stored Communications Act, it told the Court, "the government may compel a U.S. service provider to disclose electronic communications within its control, regardless of whether the provider stores those communications in the United States or abroad." What is more, the government argues, Microsoft's interpretation of the SCA "would hamper domestic law enforcement and counterterrorism efforts" by creating a massive loophole that could allow any U.S.-based email account to escape the reach of U.S officials so long as the data is stored abroad. Oral arguments in United States v. Microsoft Corporation are scheduled for February 27. 3. Minnesota Voters Alliance v. Mansky Under Minnesota law, "a political badge, political button, or other political insignia may not be worn at or about the polling place on primary or election day." This ban applies to all apparel "designed to influence and impact voting" or "promoting a group with recognizable political views." [...]

Mass Surveillance Is One Chinese Export We Should Ban

Thu, 08 Feb 2018 15:20:00 -0500

What does a total surveillance environment look like? The people of Xinjiang, a region in northwestern China, have been finding out. Here's how The New York Times describes measures being implemented there: Imagine that this is your daily life: While on your way to work or on an errand, every 100 meters you pass a police blockhouse. Video cameras on street corners and lamp posts recognize your face and track your movements. At multiple checkpoints, police officers scan your ID card, your irises and the contents of your phone. At the supermarket or the bank, you are scanned again, your bags are X-rayed and an officer runs a wand over your body.... [Your] personal information, along with your biometric data, resides in a database tied to your ID number. The system crunches all of this into a composite score that ranks you as "safe," "normal" or "unsafe." The reason for all this snooping? The region is home to a significant population of Uighurs, a religious minority that the Chinese regime tends to see as subversive. The Uighurs, consequently, are subjected to an even greater degree of monitoring and harassment: Uighurs' DNA is collected during state-run medical checkups. Local authorities now install a GPS tracking system in all vehicles. Government spy apps must be loaded on mobile phones. All communication software is banned except WeChat, which grants the police access to users' calls, texts and other shared content. When Uighurs buy a kitchen knife, their ID data is etched on the blade as a QR code. China's treatment of the Uighurs is appalling in its own right, but the story should alarm Americans for another reason as well: It shows how much can be done with mass surveillance tech that already exists and is commercially available to government entities. Most if not all of the technologies being deployed in Xinjiang are already in use, to some extent, in the United States. Many major cities have installed comprehensive CCTV systems that can be easily retrofitted with facial recognition software. Biometric data, including fingerprints and retinal patterns, are routinely collected en masse by law enforcement agencies—and by private employers and consumer electronics companies that under current law can be compelled to hand their data over to the government. Sometimes that only takes a subpoena issued by law enforcement without any judicial review. While the Fourth Amendment does provide something of a shield against large-scale techno-snooping on everyone's everyday movements, the main reason there aren't yet huge government databases that keep comprehensive records on most people's movements and activities is just official forbearance. If, say, the NYPD really wanted to implement a tracking system like the one in Xinjiang—one that used fixed and mobile video cameras, long-distance retina scanners, and biometric databases to keep tabs on every New Yorker—it probably could. Because a great deal of mass surveillance is conducted at the local level (CCTV networks, license plate readers, cell-site simulators, etc.), state laws preempting or restricting the use of these technologies can actually be an effective way to ensure that privacy is protected. The 13 states that have outlawed automatic speed traps (a more directly intrusive forms of mass surveillance, since it hits ordinary people directly in the wallet) demonstrate this. But such restrictions on other forms of surveillance so far seem to have little political support. For example, a study conducted by the Georgetown University Law Center on Privacy and Technology found that very few jurisdictions have policies significantly restricting the use of facial recognition technologies—and in those that do, the restrictions are often self-imposed by executive agencies rather than mandated by state law. It shouldn't be the case that the only thing stopping Xinjiang-style ma[...]

Immigration Authorities Want Access to All the Raw Intelligence the Feds Already Collected on You

Thu, 08 Feb 2018 12:35:00 -0500

Now that Congress and the president have renewed and expanded federal foreign intelligence surveillance authorities to be used on Americans and people on American soil, immigration officials want in on the information. It's not enough for Border Patrol, Department of Homeland Security, and immigration officials to demand to see our papers at checkpoints and stops within the United States, to try to implement facial recognition scans at airports and entry points, to try to demand access to our phones and laptops, and to start scanning license plates. Now, the Daily Beast reports, they want to officially be treated like an intelligence agency and have greater access to information collected through secret surveillance. While this is by no means a new push confined to the current administration, Immigration and Customs Enforcement (ICE) probably has the friendliest ear they've had in a while in President Donald Trump. Betsy Woodruff explains: If ICE joins the Intelligence Community, then its officials will have increased access to raw intelligence, unfiltered by analysts. This could prove useful to both of the agency's components: Homeland Security Investigations (HSI), which investigates transnational crimes, including drug trafficking, money laundering, cybercrimes, and arms trafficking; and Enforcement and Removal Operations (ERO), which arrests and detains undocumented immigrants. For anybody who remembers the privacy debate surrounding the renewal of Section 702 of the Foreign Intelligence Surveillance Act (FISA) amendments, the list of crimes ICE investigates is very relevant. When Congress renewed Section 702, they officially gave the FBI authorization to use this foreign intelligence law to secretly snoop on American citizens in order to investigate a list of federal crimes. That authorized list aligns very nicely with the types of crimes ICE investigates. So if ICE were to get greater access to federal intelligence, thanks to the renewal and expansion of Section 702 of FISA, immigration officials would also get additional access to secret data collected about Americans, not just immigrants. And Section 702's renewal puts some wonky warrant rules in place. If an American citizen is suspected of a crime that ICE is investigating, officials are required to get a warrant to get access to an American's private communications. But if they are not the subject of an investigation or their communications get collected in intelligence-gathering that's not about fighting crime, they do not. So, weirdly, Americans have more due process protections from warrantless snooping if they're suspected of crimes. For the purposes of ICE surveillance, it's very easy to imagine that an American communicating with an immigrant (here legally or not) having his or her phone calls or communications accessed without even knowing about it. So if ICE is allowed to intrude further into the realm of intelligence, that increases the number of federal officials allowed to have access to secret snooping not just of immigrants or people in foreign lands, but of Americans here at home as well.[...]

Governments Hate Bitcoin and Cash for the Same Reason: They Protect People’s Privacy.

Tue, 06 Feb 2018 00:15:00 -0500

Publicly fretting about Bitcoin and other cryptocurrencies, last month, Treasury Secretary Steve Mnuchin assured an audience at the Economic Club of Washington that "one of the things we will be working very closely with the G-20 on is making sure that this doesn't become the Swiss numbered bank accounts." He specifically cited the difficulty cryptocurrencies pose to tracking transactions as a major concern. Soon afterward, India's finance minister, Arun Jaitley, sounded an even stronger note, saying, "The government does not consider crypto-currencies legal tender or coin and will take all measures to eliminate use of these crypto-assets in financing illegitimate activities or as part of the payment system." Why are government officials sounding such similar notes of hostility to increasingly popular non-state cryptocurrencies? "The core technology underlying cryptocurrencies, known as blockchain, is premised on anonymity," Richard Holden, an economics professor at the University of New South Wales, and Anup Malani, a law professor at the University of Chicago, explain. "But anonymity is also the main fuel for the underground economy, which is now conducted largely via cash." They add, "If cryptocurrencies were to replace cash as the preferred anonymous medium of exchange, they could significantly expand the underground economy because they are so much more convenient than cash." It's worth remembering that India's government hates cash, too. Less than two years ago, India demonetized all 500- and 1,000-notes—the highest denominations in circulation—turning them into worthless paper overnight. Officials happily plunged the economy into chaos, and forced many people to resort to barter, in an effort to force the private cash holdings powering the country's vast shadow economy into official view, subject to tracking and taxation. "We can gradually move from a less-cash society to a cashless society," Prime Minister Narendra Modi said at the time, making his ultimate aims clear even as his policies disrupted the lives of people subject to his rule. Lots of economic heavy-hitters agree with that sentiment, including Peter Bofinger, a member of the German Council of Economic Experts, who calls for "the abolition of cash, since coins and bills are obsolete and only reduce the influence of central banks." He insists that with the end of the anonymity provided by cash, "the markets for moonlighting and drugs could be dried up." Harvard University's Kenneth S. Rogoff, former chief economist of the International Monetary Fund, puts a similar book-length argument forward in The Curse of Cash. "The big problem with paper currency is that a large part of it is used to facilitate tax evasion and a huge spectrum of criminal activities," he says. Concerns about constant scrutiny by Big Brother don't sway him either, leading him to retort, "the government's right to tax, regulate and enforce laws trumps individual privacy considerations." Rogoff unsurprisingly also thinks cryptocurrencies are entirely too freewheeling, snarking that "bitcoin—it is a solution if you're wanting to launder money or tax evasion. I think the government will eventually have to regulate it severely and I think someday will issue its own digital currency." He adds, for emphasis, "it's the anonymity that's really the problem." Even in the absence of a formal policy decision, those concerns are already seeping through into everyday life in the United States. In recent weeks financial institutions including JPMorgan Chase & Co., Bank of America Corp., and Citigroup Inc. have restricted the use of their credit cards to purchase cryptocurrencies at least partially over concerns about the government's ability to track their use. Banks are required by regulators to monitor their customers' transactions for anything the g[...]

Neil Gorsuch and Samuel Alito Butt Heads Over the Fourth Amendment, Again

Thu, 01 Feb 2018 10:05:00 -0500

A major split seems to be developing between conservative justices Neil Gorsuch and Samuel Alito over the issue of property rights and the Fourth Amendment. The most recent evidence of this division came on January 9, when the U.S. Supreme Court heard oral arguments in Byrd v. United States. This case arose in 2014, when a woman named Natasha Reed rented a car and allowed her fiancé, Terrence Byrd, to drive it in violation of her rental contract, which listed her as the sole authorized driver. When the state police stopped Byrd for a minor traffic infraction, the officer searched the trunk and discovered heroin and several flak jackets. Byrd is fighting to have that evidence thrown out as the fruits of an illegal search. The question presented to the Supreme Court is this: "The Fourth Amendment protects people from suspicionless searches of places and effects in which they have a reasonable expectation of privacy. Does a driver in sole possession of a rental vehicle reasonably expect privacy in the vehicle where he has the renter's permission to drive the vehicle but is not listed as an authorized driver on the rental agreement?" During the oral arguments, Justice Neil Gorsuch observed that Byrd's lawyer, Robert Loeb, had offered a property rights theory "on which you might prevail." That theory, "essentially as I understand it," Gorsuch said, is "that possession is good title against everybody except for people with superior title." "We think the property interest here, the right that...Mr. Byrd would have had to bring a trespass action," Loeb replied, "demands a recognition of his right to invoke the Fourth Amendment." In other words, Byrd had "possession" of the car under common law principles. If, while driving it, somebody else tried to break in and steal it from him, he would have a common law right "to bring a trespass action," as Loeb put it, against that would-be thief. In this case, the trespasser is law enforcement, which, absent probable cause, has no authority to search the trunk. Justice Samuel Alito apparently did not like the sound of that. "The problem with going down this property route is that we go off in search of a type of case that almost never common law, where an unauthorized sub-bailee brings an action for trespass to chattel against a law enforcement officer. When would that ever have happened in 18th-century America? Never." Loeb pushed back on Alito's characterization. "It's your right to bring trespass action against a stranger," he told Alito. "The fact that you can exclude a stranger and bring a trespass action against him is what supports your property right under the Constitution." A few minutes later, Alito tried to poke another hole in the property rights theory that Gorsuch had seemingly endorsed. "The Constitution uses the word 'property' numerous times," Alito told Loeb, "but the word 'property' doesn't appear in the Fourth Amendment. It talks about effects, which is defined by Samuel Johnson's dictionary as 'goods or movables.'... Is it your argument that any property interest whatsoever falls within the definition of effects if we are going to go back to an originalist interpretation of the Fourth Amendment?" "I think if the common law recognizes your [right]," Loeb replied, "then both under the common law and common sense, that it makes sense to recognize a right to invoke a Fourth Amendment right." Gorsuch remained quiet during those exchanges between Alito and Loeb. But he spoke up again in favor of the property rights theory during the second half of the oral arguments, when Assistant to the Attorney General Eric Feigin was presenting the government's side of the case. According to Feigin, Byrd, "like other unauthorized drivers, simply has no connection to the car at all." "Mr. Faigin, you keep [...]

This Boring British Cops Clone May Show the Future of American Mass Surveillance

Wed, 31 Jan 2018 15:50:00 -0500

BBC's popular reality show Traffic Cops is not so far from what a stereotype-inclined American might imagine if told "it's like Cops, but British." It also shows a worrying future-that-might-be of mass surveillance in America. Traffic Cops may not be a montage of helmeted and mustachioed bobbies puffing after pickpocketing orphans on cobblestoned streets. But to American eyes, the constables of Traffic Cops do seem terribly proper and polite. Compared to the show's ever-controversial American cousin, there's very little shouting, wrestling, cracking of skulls, or brandishing of firearms. In fact, to Americans used to seeing copious amounts of such activities in our cop shows, Traffic Cops (and its spinoff, Motorway Cops) can seem downright boring. Sure, you get the occasional familiar chase-bail-run-tackle sequence. But thanks to strict national restrictions on engaging in high-speed chases, pursuits often end with the cops taking down a plate number and letting the fugitive drive away. This might sound like a pleasant alternative to American civil libertarians, but there's a sinister twist that sours the picture: mass surveillance. The really boring thing about the show is how much time the constables spend just waiting for alerts from Britain's driver surveillance network to pop up on their squad-car screens. Some background: Britain's major roads are among the most heavily surveilled on earth. Every day, more than 8,500 Automated Number Plate Recognition (ANPR) devices placed along the country's roads and in police vehicles read and store the location of between 25 and 35 million license plates, potentially capturing more than half of Britain's entire population of 65 million. Driving in the United Kingdom is also regulated more heavily than in many parts of the U.S. In addition to being licensed and insured, British drivers must pay an annual per-vehicle excise tax meant to discourage private car ownership. The Ministry of Transportation is also supposed to inspect each car annually for compliance with environmental standards. The Ministry of Transporation and the United Kingdom's tax collection service share all their vehicle data with a vast law enforcement data management system called the Police National Computer (PNC). All private car insurers are required to do this as well. And the PNC is connected, of course, to the ANPR network. As such, the ANPR cameras are able to determine, within moments, the license, insurance, tax, and inspection status of every car they see. When the system spots a violation, it alerts the Traffic Cops. src="" allowfullscreen="allowfullscreen" frameborder="0" height="315" width="560"> Occasionally, the ANPR helps the cops recover a stolen vehicle or locate a missing person. At other times it flags cars "known to be associated with drugs," cars possessed by people with unpaid tax debt, and cars whose owners have a history of "anti-social driving," whatever that is. But the great majority of the infractions it uncovers seem to involve skirting the high costs of compliance with Britain's burdensome driving regulation scheme. To judge from the show, the typical penalty seems to be a stiff fine and seizure of the car—a punishment the cops readily explain (with exquisite politeness) is imposed purely as a deterrent. In straight-to-camera bits filmed in the backs of police cars, "outlaw drivers" often confess that they haven't paid their road tax or renewed their inspection because they can't afford to, but still need to drive to get to work, take children to school, and so on. The cops nod sympathetically while writing out the ticket and calling the tow truck. These encounters typically end with frustrated driver and passe[...]

National I.D. By Any Other Name Still Stinks

Tue, 30 Jan 2018 13:35:00 -0500

(image) There have been many pushes to centralize and standardize our individual identification data at the federal level. But when given the choice, American voters and their representatives have always rejected the idea of National I.D. Alas, that hasn't stopped the government with going ahead with it anyway.

In a new report published by the Cato Institute, Jim Harper of the Competitive Enterprise Institute details how a patchwork of state-level systems and programs that collect and share data already does everything the National I.D. proposals of the past ever hoped to, and is poised to do much more.

Harper's report identifies six different programs that in conjunction with each other can or already do provide federal, state, and local authorities with near-instantaneous access to huge amounts of identifying data. Combined, they form a de facto National I.D.

The most familiar (and also most complete) of these systems are the federal REAL ID driver's license standardization mandates and the E-Verify digital employment eligibility checks used by a number of states.

For those who have followed the years-long controversy over REAL ID, the report's most dismaying insight may be that the fight is essentially over. After years of resisting or refusing implementation of the Department of Homeland Security's REAL ID requirements, all 50 states are now in at least partial compliance.

The result, the report says, is a nationwide system in which "even a small-town sheriff in rural Georgia or Vermont could have access to a database of hundreds of millions of Americans' images." Between that and E-Verify, that sheriff could easily tie a face to a Social Security account—a National I.D. measure that voters have vociferously opposed, and that was rejected when it was proposed in the 1970s.

This de facto National I.D. becomes even more expansive when combined with a number of new technologies that states are starting to roll out. Harper discusses the possible combinations of REAL ID and E-Verify with the facial and license plate recognition technologies many states are already using, either in experimental or full-fledged forms.

It's troubling enough that a single license plate recognition unit bolted to a telephone pole on a small town's main street might allow Barney Fife to build an extensive record of residents' comings and goings with minimal effort, or that a facial recognition program tacked onto the New York Police Department's city-wide CCTV network could automatically track and log your walk from Harlem to Chelsea. But a world is fast approaching in which Barney and Bill Bratton can share that information with each other immediately, without any meaningful oversight or restriction.

Trump's Immigration Crackdown Means ICE Will Track Your License Plate Even if You're Not an Immigrant

Fri, 26 Jan 2018 15:58:00 -0500

Immigration and Customs Enforcement (ICE) now has access to a national database of license plates, allowing it to track millions of cars on a daily basis regardless of the owners' immigration status. A no-bid contract awarded in December by the Department of Homeland Security will allow ICE "access to a commercially available License Plate Reader (LPR) database." Though the contract recipient is not identified in public documents, The Verge (which first uncovered the contract's existence) reports that ICE will use a database built and maintained by Vigilant Solutions, a California-based company that partners with law enforcement agencies across the country to collect scans of law-abiding citizens' plates. Each snapshot included in the database includes the license plate number, the attached vehicle's make and model, the state of registration, the GPS coordinates, and a timestamp, according to a "privacy impact assessment" released by DHS. License plate scanners are often attached to police cars, but some jurisdictions have them at fixed locations, including toll booths, bridges, and even ordinary road signs. "Some LPR systems also capture within the image the environment surrounding a vehicle, which may include drivers and passengers," the assessment notes. "Information can be collected from all vehicles that pass the camera." Despite the obvious privacy issues, the DHS assessment concludes that it's fine for ICE to have access to the database, in the name of "public safety and national security." Automated license plate readers have been a point of concern for the American Civil Liberties Union (ACLU) since 2013, when the organization released a report based on public records requests submitted to 600 police departments. The ACLU said the scanners were "becoming a tool for mass routine location tracking and surveillance." While license plate scanners can be used for legitimate law enforcement functions as part of criminal investigations, the ACLU says those instances account for "a tiny fraction" of the millions of license plate records tracking drivers, most of whom have no idea that they're in the database. The DHS contract states that "ICE is neither seeking to build nor contribute to a national public or private LPR database." But the immigration cops are happy to put the existing database to use. According to The Verge, ICE will be able to query the database for five years' worth of data, enough to track nearly every movement that a target might have made during that time. Agents will also get immediate email alerts when a particular license plate is spotted again. "Knowing the previous location(s) of a vehicle can help determine the whereabouts of subjects of criminal investigations or priority aliens to facilitate their interdiction and removal," the privacy assessment explains. "In some cases, when other leads have gone cold, the availability of commercial LPR data may be the only viable way to find a subject." The Verge also reports that DHS experimented with giving ICE access to license plate scanner databases in 2012, but the Obama administration ultimately backed away from the idea because of privacy concerns. The Trump administration, which has made it a priority to apprehend and deport illegal immigrants—even ones who pose no apparent risk to public safety or national security—seems to have no such qualms. To be clear, the national LPR database maintained by Vigilant Solutions does not discriminate between cars owned by illegal immigrants and those owned by legal residents of the United States. For that matter, it does not discriminate between vehicles owned by people suspected of committing any crime and everyone else. It's a blanket surveillance tool t[...]

Regulations Prevent Some People from Using Google Arts & Culture's Portrait-Matching Feature

Wed, 24 Jan 2018 09:55:00 -0500

Tons of people recently downloaded the Google Arts & Culture app to discover which famous work of art they resembed, filling the internet with side-by-side images of selfies and portraits. While those in Illinois or Texas may be curious if they look like a Rembrandt portrait or Botticelli's Birth of Venus, Google refrained from releasing this portrait-matching feature in those states due to their stringent biometric regulations. While the app itself has existed for a few years and offers additional features, the selfie feature went viral as scores of people began posting their accurate, or sometimes cruelly inaccurate (and hilarious) matches on social media. Using facial recognition technology, the app compares the image of its user to the thousands of famous portrairs housed in its database, offering up a series of "matches," so users can find their artistic dopplegangers. But people whose phones are registered in the state Illinois and Texas discovered they were unable to use this feature (though they could ask their out-of-state relatives to find their matches for them). That's because the app uses biometrics or "biometric identifiers," according to the National Law Review, which include fingerprints, voiceprints, and facial geometry that can be used to identify a specific individual. Illinois in particular has led the forefront in biometric privacy lawsuits and regulations—having passed the illinois Biometric Information Privacy Act ("BIPA") in 2008. While other states like Washington and Texas have passed their own versions of BIPA, Illinois remains the most onerous. As a result of this legislation, companies like Facebook, Shutterfly, and others have all been the target of large class action lawsuits regarding their use of biometric data. Though Google requires users to accept a disclaimer before using the feature that states the app only stores data as it actively seeks for matches, the company feared these security measures may not be enough to satisfy Illinois law. Unlike other states, in Illinois BIPA allows private citizens to sue companies for damages, when typically suits of this nature must be brought by the attorney general of that state. Consequently, this regulation has deprived citizens of Illinois from enjoying other, possibly more useful features and products. Nest—another company specializing in thermostats and home security—declined to sell a doorbell technology that can recognize visitors in the state. According to BIPA and the National Law Review, BIPA is an essential regulation, because unlike Social Security numbers and passwords that can be changed if necessary, biometrics are biologically unique and, when compromised, leave an individual without recourse, making this type of potential identity theft all the more dangerous. But there are tradeoffs. As Matthew Kugler, an assistant professor at Northwestern University's Pritzker School of Law, told The Chicago Tribune, "(Maybe) people would much rather have their selfie feature than this privacy protection. That's something we'll have to see."[...]