Search


  • Categories


  • Archives

    « Home

    Archive for the ‘Civil liberties’ Category

    As Our Devices Increasingly Talk to Others, Privacy Questions Arise

    Thursday, December 17th, 2015

    As technology continues to evolve and become integrated into our lives, there are significant questions about privacy and security. We’ve discussed before the “Internet of Things,” which is a computerized network of physical objects. In IoT, sensors and data-storage devices embedded in objects interact with Web services. Such connected televisions, refrigerators and other devices can raise privacy and security questions.

    For example, consider the “smart” or “connected” car. People buy such vehicles for the benefits of integrating technology into something where they can be for hours at a time. Your car or truck knows where you go and when. It knows how fast you drive and how quickly or slowly you brake. Your car knows if you’re wearing a seatbelt.

    Privacy experts have noted that unclear or vague privacy or usage policies could allow companies that collect drivers’ sensitive data to share or sell that information with others, creating databases that may invade the privacy of consumers. For example, the locations where individuals drive to could reveal deeply personal information. Do you go to a church or mosque at the same time every week? Have you visited an adoption or fertility organization? Did you join a protest or demonstration? Did you recently start going to a building that includes the offices of several psychotherapists or one that houses a drug addiction clinic?

    One privacy issue recently arose with connected automobiles — and it caught many people off-guard. ABC25 in West Palm Beach, Fla., reported that a Ford car with opt-in 911 Assist allegedly ratted out a hit-and-run driver in Florida. Read more »

    Legislators, Federal Officials Seek Limits on Use of Stingray Surveillance Technology

    Tuesday, November 10th, 2015

    Rep. Jason Chaffetz (R-Utah) recently introduced a bill, H.R. 3871, The Stingray Privacy Act (pdf), to limit the use of cellphone surveillance technology known as cell-site simulators or “Stingray” technology. The bill, Chaffetz says, “would require law enforcement to obtain a warrant before deploying a cell site simulator consistent with recently issued federal guidance and the 4th Amendment to the Constitution. H.R. 3871 does provide targeted exceptions for exigent circumstances and foreign intelligence surveillance.” The federal guidance mentioned is recent policies on cell-site simulators released by the departments of Justice (pdf) and Homeland Security (pdf), with various exceptions for special circumstances. The new guidance was released after public and Congressional scrutiny of the use of the surveillance devices.

    The Stingray and similar cellphone surveillance technologies are extremely invasive. They simulate a cellphone tower so that nearby mobile devices will connect to it and reveal their location, text messages, voice calls, and other personal data. The surveillance technology scoops up data on every cellphone within its range, so innocent people’s private conversations and texts are gathered, too.

    Dozens of police departments nationwide use this cell-site simulator surveillance technology, and there are a lot of questions about how they’re using it. Even the IRS admitted in Congressional testimony that it using the surveillance technology. Read more »

    Libraries Fight to Protect Users’ Rights to Privacy

    Friday, October 23rd, 2015

    A recent case in New Hampshire illustrates how libraries continue to be battlegrounds for privacy rights. The Kilton Public Library in Lebanon, N.H., a town of about 13,000 people, decided to join Tor, an anonymization network for online activities. It was a pilot for a bigger Tor relay system envisioned by the Library Freedom Project. According to Ars Technica, the Library Freedom Project seeks to set up Tor exit relays in libraries throughout the country. “As of now, only about 1,000 exit relays exist worldwide. If this plan is successful, it could vastly increase the scope and speed of the famed anonymizing network.”

    The Department of Homeland Security learned of the pilot, Pro Publica reported: “Soon after state authorities received an email about it from an agent at the Department of Homeland Security. [...] After a meeting at which local police and city officials discussed how Tor could be exploited by criminals, the library pulled the plug on the project.”

    After much criticism of the DHS and local law enforcement interference and petitions to reinstate the pilot project (including one from the Electronic Frontier Foundation), the Kilton library’s board voted a few weeks later to reinstate the project. ”Alison Macrina, the founder of the Library Freedom Project which brought Tor to Kilton Public Library, said the risk of criminal activity taking place on Tor is not a sufficient reason to suspend its use. For comparison, she said, the city is not going to shut down its roads simply because some people choose to drive drunk,” the Valley News reported. Read more »

    When Software Can Read Your Emotions as You Walk Down the Street

    Wednesday, April 22nd, 2015

    I’ve written before about the increasing use of “digital signage.” What is “digital signage”? Most people have heard of the term connected with billboards or other screens that have cameras (and facial-recognition technology) to watch people watching ads in order to target advertising toward individuals. The data-gathering and surveillance practices raise substantial privacy questions.

    The Los Angeles Times reported on the expansion of these digital billboards and their use of facial-recognition biometric technology in casinos, Chicago-area bars and more. USA Today and the New York Times have detailed safety problems that can arise from these digital billboards. BBC News has reported on the use of digital billboards in the United Kingdom. The Wall Street Journal has reported on digital signage use in Japan.

    Now, Wired reports on the more widespread use of software from the artificial intelligence startup Affectiva that “will read your emotional reactions” in real time. “Already, CBS has used it to determine how new shows might go down with viewers. And during the 2012 Presidential election, [Affectiva's chief science officer Rana el Kaliouby’s] team experimented with using it to track a sample of voters during a debate. Read more »

    License-plate-reader Technology Continues to Raise Privacy, Civil Liberty Questions

    Thursday, March 26th, 2015

    As the use of license-plate-recognition camera technology  to gather and record drivers’ movements started becoming widespread in the United States, people asked a number of questions about the privacy, civil liberty and security implications about the surveillance technology.  Last year, the Center for Investigative Reporting looked into privacy questions concerning the use of license-plate readers and found that “a leading maker of license-plate readers wants to merge the vehicle identification technology with other sources of identifying information.” A couple of years ago, the American Civil Liberties Union released a report (pdf) on license-plate readers and how they are used as surveillance devices.

    And law enforcement is concerned about how such tech affects privacy rights, as well. In 2009, the International Association of Chiefs of Police issued a report on license-plate-recognition technology and said, “Recording driving habits could implicate First Amendment concerns. [...] Mobile LPR units could read and collect the license plate numbers of vehicles parked at addiction counseling meetings, doctors’ offices, health clinics, or even staging areas for political protests.” The privacy and civil liberty questions have led to the cancellation of some license-plate-recognition surveillance programs, including ones in Boston and by the Department of Homeland Security.

    One of the biggest questions is: What happens to all the data on innocent individuals? Often, we don’t know what the restrictions are on the collection and use of the data. We have learned some information about what some groups do with the data. Last year, the Washington Post reported that commercial databases gather such location data to sell. In 2013, the ACLU review of license-plate-reader camera technology found that “the approach in Pittsburg, Calif., is typical: a police policy document there says that license plate readers can be used for ‘any routine patrol operation or criminal investigation,’ adding, ‘reasonable suspicion or probable cause is not required.’ [...] As New York’s Scarsdale Police Department put it in one document, the use of license plate readers ‘is only limited by the officer’s imagination.’” In 2011, the Washington Post reported that Virginia used the license-plate scanning technology for tax collection.

    Now, as a result of the public records request, Ars Technica has received the entire license-plate-reader dataset of the Oakland Police Department, “including more than 4.6 million reads of over 1.1 million unique plates between December 23, 2010 and May 31, 2014.” And it’s interesting to see what personal information can be gleaned from the surveillance data.

    Read more »

    Significant Problems in White House’s Draft Privacy Legislation

    Monday, March 2nd, 2015

    The Obama White House recently released its draft Consumer Privacy Bill of Rights Act (pdf) and a fact sheet. Parts of the draft legislation date to a 2012 white paper (pdf) that laid out a plan to better protect consumer privacy. And last year, the big data group that the White House convened also issued recommendations on privacy (pdf).

    The White House has taken important steps in highlighting that individuals need strong privacy protections for their data and in creating the draft legislation. And it is important that the draft legislation attempts to implement the Fair Information Practices: collection limitation, data quality, purpose specification, use limitation, security safeguards, openness, individual participation, and accountability. For example, the draft legislation gives several options for responding to companies that would violate the bill’s provisions, including allowing individuals and states attorneys general to file lawsuits.

    But there are several significant problems with the proposal that need to be addressed before it can move forward. (The draft does not yet have a legislative sponsor, which it would need in order to be introduced and debated in Congress.)

    One problem with the legislation: It would preempt state laws.

    SEC. 401. Preemption.
    (a) In General.—This Act preempts any provision of a statute, regulation, or rule of a State or local government, with respect to those entities covered pursuant to this Act, to the extent that the provision imposes requirements on covered entities with respect to personal data processing.

    Read more »