The Department of Homeland Security’s Privacy Office has released a privacy impact assessment, “Future Attribute Screening Technology (FAST)/Passive Methods for Precision Behavioral Screening, DHS/S&T/PIA-012(a)” (DHS pdf; archive pdf); this is an update to a Privacy Impact Assessment (pdf) released in 2008. FAST, which I wrote about four years ago, seeks to divine an individual’s criminal or benign intent from a bio scan, and members of Congress have raised privacy questions concerning the technology.

According to DHS, “FAST seeks to improve the screening process at transportation and other critical checkpoints by developing physiological and behavior-based screening techniques that will provide additional indicators to screeners to enable them to make more informed decisions. FAST is not intended to provide ―probable cause for law enforcement processes, nor would the technology replace or pre-empt the decisions of human screeners.”

Now, according to the new PIA:

The FAST research is adding a new type of research, the Passive Methods for Precision Behavioral Screening (hereinafter FAST/Passive). The purpose of the FAST/Passive study is to build upon existing FAST research using volunteers and increase the performance of FAST primary screening procedures and to increase the ability to differentiate malintent through the inclusion of passive stimuli. The aim of the FAST/Passive study is to devise passive stimuli that will evoke malintent cues and incorporate these stimuli into the FAST screening project. [...] Read more »

There have been increasing privacy and civil liberty questions raised as the use facial recognition technology has increased in companies’ advertising and criminal investigations. As identification technology becomes cheaper and more prevalent, it could easily unmask people and track their movements. Those who were previously part of the unnamed crowd could be singled out for identification.

I’ve discussed before the increasing use of facial recognition technology in advertising, especially in “digital signage.” Most people have heard of the term connected with billboards or other screens that have cameras (and facial-recognition technology) to watch people watching ads in order to improve their marketing. The digital signs log data such as gender, approximate age and how long someone looks at an advertisement. This is supposed to help build a better billboard — one that is tailored specifically to the individual standing in front of it. However, the data-gathering and surveillance practices raise substantial privacy questions. (Disclosure: The Center for Democracy and Technology has released a set of privacy guidelines for digital signage, which I consulted on and contributed to, in the report “Building the Digital Out-Of-Home Privacy Infrastructure.”)

There are also civil liberty questions of government use of the technology. See this previous post for a discussion about the First Amendment right to free speech and how widespread identification technologies can affect that. More of my thoughts on facial recognition in this older GCN interview.

The Federal Trade Commission, which recently held a workshop of facial recognition technology, is now seeking public comment about the use of this biometric technology. The deadline for filing is Jan. 31. Here’s more from the FTC press release: Read more »

The tracking of consumers’ shopping habits (online and offline) for targeted behavioral advertising and other types of marketing is not new. There have been numerous news stories about this surveillance issue. For example, after the Wall Street Journal reported that credit-card companies Visa and MasterCard “are pushing into a new business: using what they know about people’s credit-card purchases for targeting them with ads online,” Sen. Jay Rockefeller (D-W. Va.), chairman of the Senate Commerce Committee, wrote to both MasterCard and Visa asking about the report. Also, the consumers have become interested in opt-out and Do-Not-Track remedies, including browser tools. (Read more about targeted behavioral advertising and privacy issues connected with it in a previous post.) Here are a few recent stories about the tracking of consumers’ browsing and purchases:

BusinessWeek: Big Brother Is Watching You Shop

On the Web, every click and jiggle of the mouse helps e-tailers customize sites and maximize the likelihood of a purchase. Brick-and-mortar stores have long wanted to track consumers in a similar fashion, but following atoms is a lot harder than following bits. [...]

To get a better understanding of their customers in real time, mall operators are monitoring shoppers’ behavior with devices that track mobile-phone signals, while retailers including Montblanc (CFRUY), T-Mobile (DTEGF), and Family Dollar Stores (FDO) are finding new uses for old tools such as in-store security cameras. The goal is to divine which variables affect a purchase, then act with Web-like nimbleness to deploy more salespeople, alter displays, or put out red blouses instead of blue. [...]

T-Mobile employs similar technology from San Francisco’s 3VR, a maker of security systems. Two years ago, 3VR executives realized that its cameras could be used to gather consumer data, according to the company’s CEO, Al Shipp. He says T-Mobile, in Bellevue, Wash., uses 3VR’s technology in some of its retail stores to track how people move around, how long they stand in front of displays, and which phones they pick up and for how long. T-Mobile declined to comment. Now 3VR is testing facial-recognition software that can identify shoppers’ gender and approximate age. [...] Read more »

The Washington Post looks at how Web sites can be ephemeral, and the data you give that site could disappear or you could lose control over the photos, videos, or other information on the site.

As a flood of family photos, videos and holiday greetings hits the Internet this time of year, online users will be swarming the social-networking and photo-sharing sites that have become the personal scrapbooks of our time.

But in the shaky and often promiscuous business of the Web, where companies fold and merge at astonishing speed, you can’t always trust that those sites will take long-term care of your digital treasures.

Gowalla, a service that lets users announce their whereabouts, is set to close down in weeks. In October, Google canned its social network Google Buzz. The Web’s first major social network, Friendster, was overhauled in June to focus on video games.

In many cases, the data that people have entrusted to such sites exist in a cyber limbo, and users’ rights are unclear. [...]

The details of a user’s rights are often embedded in long legal policies that federal regulators complain are often too confusing and seldom read. [...] Read more »

In the last year, that has been increasing focus on the use of aerial drones (also known as unmanned aerial vehicles, “UAVs”) to conduct surveillance in the United States. The Washington Post had an in-depth report of possible privacy problems with the domestic use of aerial drones, which are commonly used in military operations. (Be sure to take a look at the Post’s graphic on the specs, abilities and uses of different UAVs.) The issue is also cropping up internationally. A couple of years ago, there were reports that the United Kingdom was considering the use aerial drones for surveillance of the British public. “The miniature aircraft could be fitted with cameras and heat-seeking equipment, allowing police to carry out aerial reconnaissance from a control room,” the Telegraph reported. The UK Home Office (equivalent to the US departments of Justice and Homeland Security) suggested the use of UAVs for domestic law enforcement purposes in its “Science and Innovation Strategy” report (pdf) for 2009-2012, saying “Unmanned Aerial Vehicles are likely to become an increasingly useful tool for the police in the future.”

At some point, UAVs will become very effective, perhaps even including face recognition technology. That will lead to numerous privacy questions. Also, there are legal questions about the use of such technology.

Now, the ACLU has released a report on this technology, “Protecting Privacy From Aerial Surveillance: Recommendations for Government Use of Drone Aircraft” (ACLU pdf; archive pdf). In a news release, the ACLU says, “Next month the Federal Aviation Administration is expected to propose new rules to make it easier for law enforcement agencies to gain permission to use drones in the U.S., and police departments and other government agencies are expected to greatly increase their use. If the FAA is unable to implement the needed privacy reforms, then Congress should act.”

Here’s information from the introduction: Read more »

In an interview with NPR, George Washington University law professor Jeff Rosen discussed the issue of civil liberties in the digital era:

GPS monitors can track your every movement. Brain scans can now see lies forming in your brain. And advancements in genetic engineering may soon allow parents to engineer what their children will look and be like.

These new technologies are “challenging our Constitutional categories in really dramatic ways,” says George Washington University law professor Jeffrey Rosen. “And what’s so striking is that none of the existing amendments give clear answers to the most basic questions we’re having today.”

On Wednesday’s Fresh Air, Rosen, the co-editor of the new book Constitution 3.0: Freedom and Technological Change, details how technological changes that were unimaginable at the time of the Founding Fathers are challenging our notions of things like personal vs. private space, freedom of speech and our own individual autonomy. [...]

But how the Fourth Amendment — and the other amendments to the Constitution — should extend to quickly changing technologies is unclear. Read more »