Saturday, August 07, 2004

Shhh! Part 5

Privacy. How long before it's an alien concept, a quaint reminder of "simpler" times? I'm sure a lot of us recall the descriptions in 1984 of the cameras in every room, watching people all the time - or at least reminding them that they might be being watched, they never knew. Now such cameras, while not (yet) in our homes, surround us. We are recorded at the bank, tracked in the supermarket, scanned as we pass by corporate offices, scrutinized at government facilities. We are observed, measured, tabulated, indexed, and filed.

All the while being told the audacious lie that it's for our own benefit. No, it's not for our benefit at all. So following over these few days, several items about some aspect of privacy. Who has it and who doesn't.

As I've expressed over the past few days, what privacy we have left is seriously threatened by aggressive intrusions from both corporations and government and there are consequences, both financial and political, that arise from that. Still, it needs to be said that the news isn't all bad. There is resistance and the have been some successes.

For one big example, a couple of weeks ago
[t]he U.S. Department of Homeland Security bowed to pressure from civil libertarians, airlines, the travel industry and other nations in deciding to ditch CAPPSII, an air passenger surveillance program that would have given each traveller a green-yellow-red rating based on their perceived security threat.
That from the July 16 Toronto Star. The same day, the Washington Post added that
USA Today broke the story on Wednesday. The paper cited Homeland Security Department chief Tom Ridge, who, when asked "whether the program could be considered dead, Ridge jokingly gestured as if he were driving a stake through its heart and said 'Yes.'"
But of course the program was not actually canceled outright; that would have been too much to hope for. Instead, it has been postponed for "reshaping and repackaging." It will likely follow the same track as TIA - the Total Information Awareness program, which in the wake of vociferous complaints became the Terrorism Information Awareness program, with a revised mandate and more limited reach.

Originally, CAPPS II was going to examine a wide variety of private, commercial databases to "sweep in data on credit, home ownership, telephone records and car registration as a way to evaluate whether the name given by a passenger was real," as the Post story quotes the New York Times as saying. (USA Today adds "mail-order shopping lists" to that list.) Under the revamped program, it appears at the moment,
"the government will simply confirm a passenger's identity by, for example, asking to see a valid driver's license and then checking its authenticity with a commercial data service. Then an airline agent would match that name against increasingly robust watch lists of known terrorists,"
in the words of unnamed sources cited by the Post. USA Today notes that such a review "would be much smaller in scope than the proposal in CAPPS II," even as it's an expansion of the current system.

Privacy advocates, not surprisingly, were cautiously pleased by the announcement, and the people the Post story quoted point up something I've noticed for some time: The issue of privacy is one where the left and the right cross and combine in odd ways. The Post quotes people from the ACLU, the Electronic Frontier Foundation, the Electronic Privacy Information Center, the Center for Democracy and Technology - and former Congressman Bob Barr, a reactionary Republican out of Georgia. Barr authored the infamous Defense of Marriage Act, was regarded as the most homophobic member of Congress (which is saying something), and was a driving force in the Clinton impeachment, during which he apparently lied about his experience as a US Attorney to give weight to specious legal arguments. In 1998 he slipped a provision into an omnibus appropriations bill barring the District of Columbia - over which Congress has jurisdiction - from counting the votes in a referendum approving of medical marijuana. A year later, a successful suit allowed the count to take place; the referendum passed by 69-31. So Barr got approval for a provision banning its implementation.

And yet, and yet - in 2001, he testified before a subcommittee of the House Committee on Transportation and Infrastructure in support of efforts to limit the use of surveillance cameras in public areas. Of the CAPPS II announcement, he said
he would be "'sleeping with one eye open' to ensure the program is not resurrected. 'You can never be absolutely certain that a proposal like this is dead. You can shoot it, stab it, cut its head off, drive a stake through its heart, burn it, scatter the ashes – and still it might pop up somewhere else."
And let's not forget that one of leading opponents of the intrusive sections of the TRAITOR Act is Rep. "Butch" Otter, conservative Republican of Idaho. Take your allies where you find them.

One last note now on CAPPS II: The ACLU reminds us that
[t]ransportation Security Administration told the Senate Government Affairs Committee that the TSA has collected passenger information from Delta Air Lines, Continental Airlines, America West Airlines, Frontier Airlines, and the Galileo and Sabre reservation systems and that previously it had been disclosed that personal data regarding passengers had been obtained by the Federal Government from Northwest and Jet Blue Airlines.
The group has written to Tom Ridge calling for a commitment to prove they really do intend to limit invasions of privacy by destroying all those records.

Meanwhile, another program to sweep up our lives into government databases seems to be sputtering out before it got going. Back in February, Jane Black, Business Week's correspondent on privacy issues, wrote
On Jan. 29, Utah pulled out of MATRIX, the Multistate Anti-Terrorism Information Exchange, a database that allows law-enforcement officials to comb through information on individuals held by the state and commercial establishments. Utahans evidently were enraged to discover that the police could create dossiers that include a person's birth and marriage certificates, car registration, and address and credit history - with one click of a button.
MATRIX is a system designed by Florida-based Seisint, Inc., in the wake of 9/11 and marketed to state law enforcement agencies. It can quickly sift through literally billions of pieces of information to answer queries. The New Standard, an online news service headquartered in Syracuse, NY, reported in early July that
Matrix contains an unprecedented amount of information: current and past addresses and phone numbers, arrest records, real estate information, photographs of neighbors and business associates, car make, model and color, marriage and divorce records, voter registration records, hunting and fishing licenses, and more.

For example, a user could identify all brown-haired divorced male residents of Minneapolis who drive a red Toyota Camry and are registered to vote. The data can then be displayed in "social networking charts," showing connections between individuals, photo line-ups and "target maps," according to internal Seisint documents obtained by The New Standard after a Freedom of Information Act request by the American Civil Liberties Union.
Sixteen states have done a preliminary screening of the system; thirteen signed up for it. By the time of Black's column, after Utah dropped out, only six remained: Florida, Connecticut, Pennsylvania, Ohio, New York, and Michigan.
On Jan. 30, Georgia withdrew amidst a swirl of privacy concerns. Last September, California's attorney general declared that the system "offends fundamental rights of privacy."
Since then, New York has also quit the system and Michigan is being sued by the ACLU to end its participation because interstate transmission of police files violates state law.

And the faltering system is being revamped to "adopt a decentralized model in which each state maintain its own records" - which would seem to be a rejection of the underlying principle of the original project.

Black, back in February, may have put her finger on the important point here.
The real furor over MATRIX demonstrates something much more important - and surprising: Privacy advocates have gained a lot of ground in the two years since September 11. And the pendulum is swinging back in their favor.
Hopefully, that will continue to swing our way.

Footnote: Just like everything else, this is not all good news. For one thing, the five remaining states at least at present look like they intend to ignore public concerns and stay with the program. And even though they are the only ones participating, Matrix
has driver’s license information from 15 states, motor vehicle registration from 12 states, Department of Corrections information from 33 states and sexual offender information from 27 states, according to Seisint documents,
and it continues to use that information.

Finally, the Washington Post reported on July 15 that
[i]nformation giant LexisNexis Group said yesterday it will pay $775 million in cash for Seisint Inc., a privately held data service that created a controversial tool called the Matrix, which gave state and federal authorities new power to analyze records about Americans after the Sept. 11, 2001, terror attacks. ...

LexisNexis maintains billions of records, including media reports, legal documents and public records collected from thousands of sources. It has some 13,000 employees around the world. Officials there believe the deal will boost the company's already extensive role in homeland security initiatives and expand the information and analytical services it already provides under contract to police departments across the country and federal agencies such as the Justice Department and the CIA.

Civil liberties activists warned that the combination of Seisint technology and LexisNexis's global reach could be massively intrusive if used in the wrong way. "It will hurtle us even faster toward a surveillance society," said Barry Steinhardt, director of the Technology and Liberty Project at the American Civil Liberties Union. "It can't be good news here."

Willox said such fears are overblown because of the care his company takes to ensure that individual privacy is not abused. "LexisNexis has a long history and is well respected for going the extra mile to protect personal privacy," Willox said. "This or any acquisition is not going to change that."
Yeah, well, I remember the saying from negotiations on international arms treaties: "Trust, but verify." They want the trust but want to be immune from the verification. And I say that makes them inherently untrustworthy.

No comments:

 
// I Support The Occupy Movement : banner and script by @jeffcouturer / jeffcouturier.com (v1.2) document.write('
I support the OCCUPY movement
');function occupySwap(whichState){if(whichState==1){document.getElementById('occupyimg').src="https://sites.google.com/site/occupybanners/home/isupportoccupy-right-blue.png"}else{document.getElementById('occupyimg').src="https://sites.google.com/site/occupybanners/home/isupportoccupy-right-red.png"}} document.write('');