Schneier on Security

Amen!

and that's just one of the reasons I continue to be a Canadian

The covering letter for this report is dated January 2003 (unless I have made a careless mistake).

Do any Canadians have a view as to what difference it has made? That might be more interesting reading for today.

Best regards

Yes, it does make a difference.

First of all, consumers now have a fairly hefty threat; they can request access to information about a customer record through PIPEDA, and raise a complaint to the Privacy commission if the information is not supplied, or is clearly missing information.

http://www.privcom.gc.ca/faq/faq_01_e.asp#006

Although Canadian privacy laws have only been in effect for a short time (enforcement since 01/01/2004 for all business, specific industries prior to that), the number of complaints, and the resolutions are interesting to read.

http://www.privcom.gc.ca/ser/index_01_e.asp

As more of these come are resolved, a basis for privacy case law will be established, and hopefully there will be some civil suits that will drive the point home.

It is also important to see that the Privacy Comission also works hard to ensure that privacy is not used as a means to hide data from the people as there was a brief burst of abuse in this regard.

This report, while dated, is still applicable today. The latest report raises even greater concerns regarding the United States' penchant for grabbing extra-territorial people's information for the purposes of "national security".

Needless to say, I as a private citizen have issues with my personal and private information being used by unknown individuals in the US (government or otherwise) without my express consent, just because they happen to see "threats" behind every shrub, bush, tree or in every vehicle (oh, and blame the Canadians - even when the very threat starts on their own soil!).

And, yes, while Canadian are slow to anger and take many things in their stride, once they are motivated, the federal and provincial governments take note. A small but vocal group can sway government policy and we Canadians are once again starting to look at how our personal information is being used. The sleeping majority is waking up.

The "nothing to hide" argument also falls apart when the possible uses of monitoring are considered. Unfettered government monitoring of private communication will lead to the disappearance of the democratic principals of a free press and fair elections. The AG has already publicly talked about monitoring journalist's communications to flush out "classified" leaks. It's not a giant leap to see how this could corrupt the process of fair elections.

As much as one could argue (stupidly) that "I've got nothing to hide, so I am OK with government monitoring", the bigger point is missed that there are important functions of our democraitc process that depend on privacy of communication.

The most important response, though so commonly overlooked, to "If you have nothing to hide, you have nothing to fear," is that it ignores the fact that the government is fundamentally untrustworthy. We like to pretend that there are no bad cops, no corrupt politicians, but history has shown this assumption to be incorrect time and time again.

Furthermore, the more power you give to those in authority, the more incentive there is to abuse that power. As power-holders are able to monitor the people more closely, they gain additional protection from any punishments for their own potential misdeeds.

Could the NSA use its vast wiretapping capability to protect itself from censure? Certainly it could. WOULD the NSA use all of its available resources to protect itself? If you don't know the answer to that question, then you don't belong in politics.

Thanks a lot for the link to this interesting report. As a Canadian very concerned about these matters, it makes for interesting reading.

Interesting... that report is from a now ex-Commissioner that left his post amid scandal and rumors of abuse of his position. I met Radwanski at a talk on privacy and "eSecurity" at the local University. He had a reputation of being a bulldog, but the good work he did for Canadian privacy rights was tarnished by the scandal.

I would be surprised to have seen such a strongly worded report (the above was during the long reign of the Liberal Party) out of the current Privacy Commissioner's office. I suspect that report was largely a reaction to the the Canadian Lawful Access legislation that was being worked on, and had a public consultation that started in 2002.

"using September 11 as an excuse for new collections and uses of personal information"

TRUST your government to do the right thing, BUT VERIFY that they actually are.

This has clarified for me what I have to fear if I've done nothing wrong.

1. The parts they get right

There becomes no limit to the number of people who can impersonate me, and the difficulty of doing so becomes vanishingly small. If my bank accounts are emptied, my credit cards maxed out, new accounts in my name also maxed out, my stocks sold off, and my deferred-tax savings are cleaned out, not only will I be flat broke, heavily in debt, without a hope of credit, unable to pass a background check (goodbye to a job or apartment or car loan), but the IRS will come after me demanding penalty money from my early retirement savings withdrawals. The government that enables the bad guys disables me.

2. The parts they get wrong

The government will treat as proven fact every shred of 'my information'. They will act on these 'facts' as if they had been proven in court. The former legal protection of a trial by jury, or even a trial, have been 'bypassed' (to use the White House term).

As an extreme example, suppose some newfangled facial recognition software identifies me as one of the people on the airliners that crashed on September 11th. When I am found alive, I could be 'detained' and 'rendered' to a place outside United States jurisdiction, where I would be tortured to death for the rest of my life, a modern day 'desaparecido', with no family or friends ever knowing what happened to me, with the entire Constitution and United States Code 'rendered quaint' (in the words Alberto Gonzales, the White House consigliere).

Far more likely would be somebody using my name, or having a similar name, getting their misdeeds attributed to me. What is my defense, beyond wishful thinking?

3. The parts they make wrong

Suppose I were identified as someone likely to inform on my employer to the Feds. All it would take is temporarily borrowing $100,000,000 (a negligible amount in the big leagues) just long enough to wire it into my personal checking account from an offshore bank and then to wire it out again to another offshore bank. The IRS would come with their guns out, robbing me of all my belongings, and taking away my freedom and all my rights. My employer would be coerced into firing me. My bank and stockbroker would surrender all my assets without blinking. With barely more effort, the bastards could fabricate a number of arrests (as convictions would be harder to fake and easy to disprove), which would make me dead meat in the eyes of any jury.

Even more insidious, since government agents and contractors need identities to use while committing their illegal acts ('crimes', we used to call them) they might choose to impersonate me. If any of those crimes got investigated, I am the one to be punished.

Yes, I have nothing to gain and everything to lose.

"The truth is that we all do have something to hide, not because it's criminal or even shameful, but simply because it's private."

I second that opinion.

As a couple of other posters have noted, this report is not new -- but very well worth reading. The link in Dr. Schneier's article is to the HTML version of the report (3 pages). You can get the whole report as a PDF from this link:

http://www.privcom.gc.ca/information/ar/...

This page gives a list of available reports in HTML and PDF format:

http://www.privcom.gc.ca/information/index_e.asp

"The Government is, quite simply, using September 11 as an excuse for new collections and uses of personal information about all of us Canadians that cannot be justified by the requirements of anti-terrorism and that, indeed, have no place in a free and democratic society."

Wow! That would be like the first time in history a gov-created crisis is used for the expansion of state power.

"and that's just one of the reasons I continue to be a Canadian"

That or the fact that you can't leave without having your privacy invaded. What you thought you can just pick u
p your bags and move anywhere at anytime?

"TRUST your government to do the right thing, BUT VERIFY that they actually are."

That first step is impossible since I never consented. Suggested reading: No Treason, by Lysander Spooner.

"The truth is that we all do have something to hide, not because it's criminal or even shameful, but simply because it's private."

I disagree with this philosophically, though I agree your concern.

Something being 'private' does not give one rights over another's knowledge. Should one discover your 'secrets' there is nothing you can do to prevent them from saying it, the question is: did they violate your property rights by their discovery process?

I believe they did, because they have subverted private contracts between you and your service providers.

---

As to the whole "If you have nothing to hide, you have nothing to fear" mantra, it is funny to note that this only works ONE WAY, not in the citizen's favor.

"Why doesn't the United States have a Privacy Commissioner?"

That's a question well worth asking. Do you have any idea?

@ piglet

I blame Bruce.

Joking aside, the United States doesn't have a privacy comissioner because there is no internal incentive for the government to create such a position and externally speaking anyone who would be qualified to hold such a job isn't really pushing to create it, since they probably have nightmares about being appointed.

@george

"Unfettered government monitoring of private communication will lead to the disappearance of the democratic principals of a free press and fair elections."

Methinks you mean the principles (concepts, ideas), but it carried a bit farther, it could indeed also mean the disappearance of the principals (people involved)!

Elvis has left the building

Pat, what kind of incentive was there for the governments of other countries? Everybody nowadays seems to have some kind of privacy commissioner, even Hong Kong, there must be a reason why the USA is the lone exception. Understanding the problem may be the first step to a remedy.

@ Piglet

"there must be a reason why the USA is the lone exception..."

Here in the USA we have instruments such as HIPAA, GLB, and SOX to protect our privacy. Oh...and the Bill of Rights.

Sorry about the soda on the keyboard. Nose still burning?

“Our country, right or wrong! When right, to be kept right; when wrong, to be put right!��?
– Carl Schurz, in a U.S. Senate speech, 1872

As much as we Canadians should be proud of having legislation like PIPEDA, it really only came into being in Canada as a response to pressure from the EU who required their trading partners have equivalent privacy and access legislation. The EU is who we can look to for cutting/bleeding edge privacy law.

The field of privacy is so fluid now that no single piece of legislation in any one nation can be relied upon as 'the model' though. As technology changes, as the challenges to our privacy increase, every weapon available must be brought to bear.

The reality is that information will be collected, whether by government, marketer or criminal. The questions to be asked are: what recourse is available to the victims of privacy abuse and what penalties should exist to punish the offenders.

I think I'm moving to Canada.

How ironic that the Privacy Commissioner's web site wants to set a cookie...

Curmudgeon, I'm not sure whether you are being sarcastic and what that soda refers to. If it is an insider joke, sorry I'm not an insider ;-)

"Here in the USA we have instruments such as HIPAA, GLB, and SOX to protect our privacy. Oh...and the Bill of Rights." The Bill of Rights doesn't mention a right to Privacy. There are constitutional experts (if justice Scalia can be considered an expert) who believe that you don't even have the right to masturbate in private ;-)

@Piglet

"I'm not sure whether you are being sarcastic..."

Yes

"There are constitutional experts (if justice Scalia can be considered an expert) who believe that you don't even have the right to masturbate in private ;-) "

Ergo some of my cause for sarcasm

"...what that soda refers to..."

Sarcasm + soda = burning nose and wet keyboard.

HIPAA has yet to be enforced, SOX and GLB are unweildy and enforcement will be equally awkward. My gripe with these is that they are too industry-specific. What's wrong with a broad brush "private data is private" approach?

You guessed it...commerce. For some folks in this land of Capitolism data is meant to be sold, not protected.

Glad to hear your keyboard is still dry.

"The truth is that we all do have something to hide, not because it's criminal or even shameful, but simply because it's private."

There is also the issue of misunderstanding. From Jane Austen's Persuasion:

"She was obliged to remember that seeing the letter was a violation of the laws of honour, that no one ought to be judged or to be known by such testimonies, that no private correspondence could bear the eyes of others..."

Personal details or casual conversations can be amazingly misleading, and are much more likely to be misleading than an eavesdropper is likely to realize based simply on the given context. Even if one doesn't have any 'secrets', everyone has things that would require extended explanations to be accurately understood by others (assuming the explanations will even be believed). Being observed can mean reviewing everything you say and do and asking, 'Can I justify this?' The alternatives to that involve privacy or alcohol.

In the 'Onion' online today, reprinted from 1999 (hyperlink at end, on my name):

Lewinsky Subpoenaed To Re-Blow Clinton On Senate Floor
...
"If, as the president says, he is innocent of perjury, with nothing to hide, he should have no reason to fear providing full disclosure—including full frontal nudity, if necessary—before the American people," Sen. Phil Gramm (R-TX) said.

My response to the "If you have nothing to hide, you have nothing to fear." is simply "Well then, since presumably you've nothing to hide either you won't mind having your bank statements, credit-card and phone records for the last 5 years published in the newspaper, and the complete unedited contents of your e-mail files forwarded to your boss and your spouse, now would you? Nor would your company mind every record and document it has sent to it's competitors?". I beat people who spout that line mercilessly with it, because everyone has something they legitimately don't want the world+dog to know.

"TRUST your government to do the right thing, BUT VERIFY that they actually are."

Trust but verify is a good policy that I regularly apply.

But NEVER EVEr to a government.

My reasoning for government officials is that the needed skills to work themselves up to those levels make them suspicious already and "trust but verify" no longer applies.

For governments I use the "Distrust AND verify" policy.

@ Nocturn

"For governments I use the "Distrust AND verify" policy."

Ditto. Well spoken.

In response to Havvok, a few clarifications regarding the Privacy Commissioner of Canada's remit:

The Privacy Commissioner is responsible for overseeing and reviewing compliance with two different laws. The first is the Privacy Act of 1980, which covers only the activities of the federal government. The second is the Personal Information Protection and Electronic Documents Act(PIPEDA) of 2000, which covers much - but not all - private business in Canada. Provincial and territorial governments have their own privacy legislation that is generally similar to the Privacy Act.

The Annual Reports referenced here are on the Privacy Act, which is to say that they review only the actions of the federal government vis-a-vis that law. Private industry gets their fair share of knocks from the Commissioner as well - those just aren't covered in these reports.

The Commissioner frequently points out that the standards of the federal Privacy Act are much, much lower than the private-sector law. Indeed, the Privacy Act doesn't actually protect your privacy in the way that most people think: It gives you a right to know what the government knows about you, and change that if it is not accurate, but that's it. There are also many grounds for the government not to tell you things it knows about you, some of which are (of course) due to "national security".

@greg450318
"The reality is that information will be collected, whether by government, marketer or criminal. The questions to be asked are: what recourse is available to the victims of privacy abuse and what penalties should exist to punish the offenders."

That's only part of the equation. Preventing collected information from falling into the wrong hands, or at least into criminal hands, ought to be the first goal. Some, in particular blogger Kevin Drum at www.washingtonmonthly.com, argue that there's no incentive for companies that collect and sell data to secure it. Drum thinks that hefty fines for losing personal information are the only way to motivate companies to take the necessary steps to secure data properly.

Personally, the relative lack of transparency of government, any government, makes me doubtful that "trust but verify" is an effective approach. How do you verify? I can't see how government collection of personal information on a massive scale could ever not be a threat to liberty and freedom.

@Kurzleg

I agree that prevention from collection is important. However, no matter how much effort one puts into avoiding data collection, bits and pieces of data overtime accumulate into useful, profitable databases. Also, you can only prevent data from being collected when you know it is being collected (NSA wiretapping for example).

"It's impossible to move, to live, to operate at any level without leaving traces, bits, seemingly meaningless fragments of personal information." - William Gibson

Data is a commodity and is treated as such by the people who collect it and the people who give it away in return for either products or convenience. Katherine Albrecht* calls her stash of coins for toll booths her 'privacy tax'. She doesn't have the toll pass with the built in RFID. It is less convenient but leaves less of a trace.

The only option is to make the possession of confidential information or the use of that type of information less economically viable,maybe through large fines for misuse or loss. Privacy loss victims may have more success in class action suits. Perhaps businesses that warehouse huge databases of customer information should be required to insure against loss and have to payout to the victims in the event of a breach.

Make personal information a liability for comapnies instead of an asset and fewer will retain data longer than necessary for their business.

My two cents anyway.

Cheers.

*Co-author of Spychips: How Major Corporations and Government Plan to Track Your Every Move with RFID
Founder and Director, CASPIAN Consumer Advocacy
(Consumers Against Supermarket Privacy Invasion and Numbering)

To all of you who doubt the seriousness of the enemy we face today,
I am currently working on my Masters in Security Management. The strongest weapon availabe to both Canada and the U.S. is intelligence. As many of us have discovered in recent news. It is difficult to know who the terrorists are within our borders. If our governments have no way to find out who presents a danger, we cannot be protected.
Many of you are whining about your "rights" being abused. Look instead at what bin Laden considers HIS rights to be. 4 million American deaths-2 million of them children. And for those of you in the North, if your government supports U.S goals, your government and its citizens are just as evil as the Americans are. We must defend our citizens from this terror. As a vetran of this conflict, I would suggest you think about your communities, not just yourselves.

Dashiell Hammett, The maltese falcon, 1930:
"Bryan: Who killed Thursby?
Sam Spade: I don't know.
Bryan: Perhaps you don't, but you could make an excellent guess.
Sam Spade: My guess might be excellent or it might be crummy, but Mrs. Spade didn't raise any children dippy enough to make guesses in front of a district attorney, and an assistant district attorney and a stenographer.
Bryan: Why shouldn't you, if you have nothing to conceal?
Sam Spade: Everybody has something to conceal."

Nothing like waving the flag, yelling 'you're either with us or against us' to kill a rational discussion of the erosion of personal rights in a 'democracy'. Without the rights we are 'whining' about, Osama's already won. The death toll's incurred in Afghanistan , Iraq, Vietnam, Korea, and WWII were all for nothing if we're ready to piss our freedoms away the moment the world gets scary.

I suggest if you really like surveillance societies, North Korea probably has a few vacancies.

As an American citizen, born and raised, what privacy rights am I truly lacking compared to many despotic nations?

Honestly speaking, I haven't been stopped by any officer of the law for ages, and find most routine screening at airports to be minimal and take very little time.

Yes, there are times when I find the screenings I have undergone to be wasteful. I found the double screening at the Statue of Liberty observation deck to be wasteful. They really should consolidate that to one screening. The second one seemed more like a "feel-good" exercise.

Still, no one asked me any kind of invasive question or held me any longer than was necessary to process the length of the lines. In other words, except for the bottlenecks such processes create, it wasn't "invasive".

If anything, we have far more to fear from the use of our data by corporations. And this isn't a "paranoid corporations rant". It's just that they can learn an awful lot about their customers by analyzing every metric known to man and some that aren't.

But in the larger scheme, there's no one reading my mail, listening to my phone calls, stopping me on the street, knocking at my door, or even reading my blog. I live an incredibly private life, something to hide or not. I'm not sure I could do this in many other nations.