Schneier on Security
A blog covering security and security technology.
« ID Cards and ID Fraud |
| How Profitable is Cybercrime? »
January 2, 2006
Top Ten Privacy Stories
The Electronic Privacy Information Information Center (EPIC) lists its Top Ten Privacy Stories of 2005:
- PATRIOT Act Reauthorization Falls Short
- Security Breaches on the Rise
- Defense Department Ignores Privacy Laws
- In Federal Court, a Good E-mail Privacy Decision
- Privacy for Voters
- State Department Drops Hi-Tech Passport Plan, But Problems Remain
- NSA Domestic Spying Disclosed
- Problems Remain with Travel Screening Plans
- Credit Freeze Laws on the Rise
- Surveillance of Activists Revealed
And its Top Ten Issues to Watch in 2006:
- Nomination of Samuel Alito
- Future of REAL ID
- "Welcome to the US. Fingerprints, please."
- Workplace Privacy
- Student Privacy
- Location Tracking
- New Revelations About Government Datamining
- Wiretapping the Internet
- DNA Databases and Genetic Privacy Legislation
- Data Broker Regulation
More information on each item behind the link. I don't think the lists are in any order.
Posted on January 2, 2006 at 7:26 AM
• 14 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
Of all of the items on the 2006 watch list, I am most hoping for data broker regulation. What a sleazy industry.
Two related resolutions for 2006 and beyond:
1) Never travel to or through the US until my government here (mis)treats US travellers here in the same way as I am treated when I enter the US - or the US once again respects my privacy to the level it did in 2000. In the mean time, lobby my government to fingerprint and retina scan all incoming US citizens.
2) Never quite tell the truth when answering the stupid export questions required to buy many goods from the US. Expect for the one asking me if I'm going to use whatever it is to make a nuclear weapon - after all I do want the stuff I'm buying, and I'm not as stupid as your average terrorist who would apparently be smart enough to build a nuclear device but stupid enough to answer "Yes" to that question.
I think that congressional hearings may also highlight the way that US intelligence agencies currently skirt domestic spying laws by exchanging intelligence with the Canadian intelligence service (CSE).
Another two years off (perhaps) will be some consumer pushback against some of the industry databases that share customer data. In some cases, people must deal with companies in the same industry, insurance for example, because governments require it. However, there are no consumer protections against predatory or discriminatory profiling on the part of one company that affect the consumer's relationship with another company in the same industry.
Well when getting tickets to shift from NZ to Vienna, we in the end avoided any US options. You get 2x the luggage when going that way, for not much extra for the tickets. In the end the delays and fingerprinting put us off. Its unlikey that i will be going to any Academic conference's in the US either for much of the same reasons.
Even if you never go to the otherside -ie say in the international section, and just fly through they still fingerprint you!
But out of the things to watch for 2006. Yea the biggest would be DNA databases.
I'm restricting myself to DNA fingerprinting. Its assumed by many that its unique to each person. This is not the case. Currnet DNA fingerprinting is designed around eliminating suspects. Not finding them in a database. They simply do not include enough loci or Allele's for large databases, and for most ethinic groups, theres the chance that someone else's fingerprint is the same as you is about 1:3000000 . So a database with 100's of millions of people just don't work well at all. But they are already using them!!
I'm surprised however that nothing on hash functions is anywhere on the list. Digital sig's seem a big issue for privacy IMHO. But then again.
This blog is about security in general, not just the confidentiality aspect. Whilst privacy is about confidentiality, there are other concerns in society that would require the *availability* of so-called "private" information.
Some commentators have even claimed that privacy is a modern invention, and that prior to the 20th century nobody had any privacy due mainly to living in small villages where everybody knew everybody and people talked to their friends about everything. For most of human evolution, living in small tribes was the norm.
To detect early indicators of unacceptable behaviour must have been easier in such societies than in our modern cities, and that is without any involvement from an official police service.
If we desire privacy for the individual then aren't we also usurping the role of the general public in maintaining standards of behaviour - in some cases for the benefit of society as opposed to any individual?
If "privacy" does not seek to deny ordinary friends, neighbours, and citizens access to our personal information and activities, then isn't "privacy" really a power struggle specifically between the individual and the State? In that case hasn't the need for community self-regulation been lost in the debate?
Perhaps the "privacy" debate should be renamed to "counterfascism" since that seems to be the true goal of the "privacy" advocates.
Well you have some points. But there was no time in prevously histroy where the "rumour" can spread around the planet in seconds.
example: I get tied in to be a suspect for child pron. It turns out to be database mixup and i was 500 miles from the crime and could never have done it. Everyone in my local comunity (say everyone in NZ) remebers seeing me arrested as a suspect for this rather nasty crime on TV cus its "public info", but nobody reads the 4th page from the front artice in the newspaper that states just how innocent i am and the fact that the cops stuffed it up.
I'm totaly stuffed. Nobdy is going to give me job and i need to shift country. But in the other country i apply for a job, and they do a google. Bang. Probelm. Someone in NZ has a blog on how evil i am and a link to the TV article............
OK extreme example and *totaly* made up. But the police a more likely to implicate more innocent ppl than bad guys with these massive databases and information gathering. What happened to innocent *untill* proven guilty!
Information does not travel the way it did when we were in tribes. Thats why we need checks in place. Note that were not saying the information can't be gathered. Just that there needs to be a good reason *first*, and then its use is *controled * after that.
We are not all bad guys. There is no need to treat us all as bad guys.
OzJuggler: Interesting post. There's a lot of sociological work on this issue. When people are disconnected and unknown to each other--say in a large city--there's a lot of anonymity which can be nice (if you ever experienced living in a small community) but it also facilitates anti-social behaviors. The privacy results in a loss of identifiability and therefore accountability. So it is both easier to commit anti-social acts and for observers to feel no compulsion to intervene. The problem is that in these social circumstances the new types of social control that arise to impose order are themselves often anonymous and lacking in accountability...
@Anonymous 09:28 PM ...
Yeah I think you pretty much nailed the point I was getting at. The next station for my train of thought was the transparent operation of government and the Open Society. Even then national security would legitimately need secrecy - and the small problem remains of preventing internal matters from being spuriously upgraded to national security for insidious purposes.
The part about bystanders feeling less inclined to intervene in crimes is very interesting but it should not have surprised me now that I think about it. Accountability works both ways. But then we may delve into the murky ethical battle between the deontologists and the consequentialists! As a consequentialist myself I wonder what consequence would keep me from intervening if I were to see even a minor offence taking place. Probably it's the mental cost of even making a judgement, in the same way that often people don't take action on advertising even if there's objectively a net benefit from what's being offered. The only kind word I have to say about deontological ethics is that it's cheap to operate. ;-)
> the police a more likely to implicate more innocent ppl than bad guys with
> these massive databases and information gathering.
Ah, well now we're back to the issue of PROFILING! Bruce has said it doesn't work, at least in the context of terrorism and airport security, and I agree.
> What happened to innocent *untill* proven guilty!
Oh we still have that, but now it's just a question of how much red tape, harassment, libel, and mud-slinging is considered acceptable by authorities even before you've been charged with anything.
What I was getting at is that you can't argue for blanket privacy across the board or else you deprive society at large of any means of dispensing revenge..uh I mean justice.. to society's transgressors. If you want to prevent crime by detecting early signs then some invasion of privacy is even more important, although I would argue that proper family care and education in childhood is the best preventative strategy.
Your point about the new ability of mud-slinging to travel globally is something I'd not considered. Globalisation creates the need for greater privacy because the consequences of any disclosure are now less certain in the long term than prior to the 20th century.
Your example is poor mainly because the police have rules about not publicly identifying people who are under investigation - exactly the same procedure that makes privacy advocates uncomfortable. So Big Brother can watch you if he's told you he's watching you, but not otherwise. Very handy for crooks to be notified that they need to lay low for a while! But if invasion of privacy is authorised in secret by the courts then it is again a lack of transparency that invites corruption and spurious invasions of "privacy". But I guess we can't remove the threat of the Trustworthy People turning sour, no matter which way we slice-and-dice it.
I can't prove it, but I think privacy is an instance of the Prisoner's Dilemma, and not everybody involved wants to co-operate.
Yea its a bad example. Best i could come up with.
I expect the police to be able to bug my phone calls etc without notifcation. *if* there is some reason to suspect me. I also expect someone other than the police to decide what is a good reason . Further i don't expect this info to get into the wrong hands or released to the media esp if it was found that i was innocent. Often suspects are named publicly long before a trial.
we just need checks controls and balances.
Interesting to see no attention is given to the EU telecommunications data retention directive. This directive requires ISP's and Telco's to retain traffic data (not content) on who phoned/emailed/voiped, who, where, when. who had what IP-adress at what time. No data on who went to which website however. This data should be retained for 6 month to 2 years, with extensions possible.
@Mark EU directives don't command much public attention outside the EU, and not really that much inside either. Still, it was rammed through in only 3 months, compared to the usual 3 years or so your typical directive takes from first proposal.
Now the question is how the directive will be implemented at the national level.
More interesting will be how the data will be accessed, by whom. Retention indefinitely is pretty much a given, whatever any recommendations.
@ Greg, OzJuggler
> Your example is poor mainly because the police have
> rules about not publicly identifying people who are under investigation
Tell that to Lance Armstrong :)
Admittedly, drug tests aren't a criminal offense investigation, but I'd imagine that if Joe Random Celebrity comes up with a DNA match to Joe Random Serial Killer, that's going to be leaked to the press faster than Joe Random Celebrity can be exonerated.
> I expect the police to be able to bug my phone calls etc
> without notifcation. *if* there is some reason to
> suspect me. I also expect someone other than
> the police to decide what is a good reason .
That seems reasonable to me.
Schneier.com is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc.