Topic: Telecom, Internet & Information Policy

Another “Piggybacking” Story

CNN reports on another example of police hysteria over “wireless theft.” Stories like this seem to pop up every few months: somebody parks their car on a residential street, opens up his laptop, and uses it to access a wireless network that’s not protected by a password. Then the police come along and arrest the guy. In the two cases reported in this story, both of which occurred in the UK, the police let them off with a warning. But in 2005, a guy was fined 500 pounds and placed on probation for a year for “stealing” Internet access.

As I argued in an op-ed last year, this is silly. Accessing someone else’s wireless network, especially for casual activities like checking your email, is the very definition of a victimless crime. I’ve done the same thing on numerous occasions, and I deliberately leave my wireless network open in the hopes that it will prove useful to my neighbors.

The only concrete harm opponents of “piggy-backing” can come up with is that the piggy-backer might commit a crime, such as downloading pirated content or child pornography, with your connection. But remember that there are now thousands of coffee shops, hotels, and other commercial locations that offer free WiFi access, and most of them don’t make any effort to verify identities or monitor usage. So someone who wants to get untraceable Internet access can go to any one of those establishments just as well as they can park outside your house.

Which isn’t to say that there are no reasons people might not want to share their network connections with the world. If sharing your Internet access creeps you out, by all means set a password. And there’s almost certainly work to be done educating users so that people are fully informed of the risks and know how to close their network if they want to do so.

But arresting people for logging into an open network is completely counterproductive. Ubiquitous Internet access is socially useful, and the vast majority of “piggy-backers” aren’t doing anything wrong. If you see someone parked on the street outside your home using your wireless network, you shouldn’t pick up the phone and call the cops. Instead, call your geeky nephew and ask him to set a password for your network. Or, even better, do nothing and consider it your good deed for the day.

The Border … Is You

Tomorrow, the House Homeland Security Committee is hosting a “Border Security Tech Fair.”

Vendors scheduled to participate include: Sightlogix, Scantech, Wattre, Hirsch, Bioscrypt, Cogent Systems, Cross Match, L1 Identity, Sagem Morpho, Motorola, L3 Communication, Authentec, Privaris, Mobilisa, and Lumidigm.

I don’t know all of these companies, so I made some educated guesses about the links (and I may have gotten the wrong division of Motorola), but it appears that fully 11 of the 15 participants are in the biometrics industry.

If you think for a minute that this is about the boundary line dividing the United States from its neighbors, I have a bridge to sell you. No wait - I have a “biometric solution” to sell you.  Mobilisa, for example, is being used to run background checks on the citizens of Clermont County, Ohio.

Participants in the Homeland Security Committee’s lunch briefing are all in the biometrics industry.  One of them, James Ziglar, wrote an op-ed in favor of a national ID in Monday’s New York Times. He claims it’s not a national ID, but then, he’s got a biometric solution to sell you.

If It’s Not a National ID, Then What is It?

Former IRS Commissioners Doris Meissner and James Zigler editorialize in today’s New York Times about their support for “secure, biometric Social Security cards” as an essential part of immigration law reform.

The give-away line?: “To insist on secure documents with biometric identifiers is not a call for a national ID.” They provide no logical support for this naked assertion. Because it’s false.

Strengthened “internal enforcement” of immigration law means federal surveillance and tracking of all workers. All of them. Including you.

Substantiating the Libertarian Vision, One Anecdote at a Time

Yesterday, it was six seconds to get a “yes” from a private entity when a government official took eight days, four hours to reach “no.”

Today, “Why is it that one guy with a laptop can accomplish more in 20 minutes that an army of city officials and bureaucrats can in as many weeks?

While the D.C. Taxicab Commission dithers over issuing a new map, some guy just went ahead and made one on Google maps.

False Suspicion and Cold Comfort

A post on the Washington DC/Metro Area Flickr users group has touched a nerve with readers of DCist, who are sharing stories of similar experiences in the comments.

D.C. area photographer “Yonas,” taking pictures in the Gallery Place Metro station, caught the eye of Metro Police who found it suspicious. They demanded identification and subjected the photographer to questioning.

This offends me about five different ways, but it provides a good opportunity to illustrate how suspicion is properly generated — and, in this case, how it is not properly generated — using patterns. The same concepts apply to the cop on the beat and the high-tech search through data.

I testified to a Senate Judiciary Committee hearing on data mining earlier this year regarding searches for terrorists and terrorism planning:

Pattern analysis is looking for a pattern in data that has two characteristics: (1) It is consistent with bad behavior, such as terrorism planning or crime; and (2) it is inconsistent with innocent behavior.

In … the classic Fourth Amendment case, Terry v. Ohio, …  a police officer saw Terry walking past a store multiple times, looking in furtively. This was (1) consistent with criminal planning (“casing” the store for robbery), and (2) inconsistent with innocent behavior — it didn’t look like shopping, curiosity, or unrequited love of a store clerk. The officer’s “hunch” in Terry can be described as a successful use of pattern analysis before the age of databases.

Recall that after 9/11 people were questioned and even arrested for taking pictures of bridges, monuments, and buildings. To common knowledge, photographing landmarks fits a pattern of terrorism planning. After all, terrorists need to case their targets. But photographing landmarks fits many patterns of innocent behavior also, such as tourism, photography as a hobby, architecture, and so on. This clumsy, improvised [pattern analysis] failed the second test of pattern development.

Photography on public property will almost never be suspicious enough to justify even the briefest interrogation. Photography is a serendipitous activity so it appropriately gets wide latitude. (Other facts could combine with public-location photography to create a suspicious circumstance on rare occasions, of course.)

It bears mentioning that regulations allow photography in Metro stations, but I don’t find regulation of this kind terribly comforting. It reminds me of Prague shortly after the Velvet Revolution, where I observed that people were consciously coming to grips with the revolutionary idea: “All that is not forbidden is allowed.” The prior state of affairs had been the opposite, “All that is not allowed is forbidden.” I hope this latter rule is not in force on our subways or anywhere else in this country.

If You’re in North Carolina …

I’ll be speaking tomorrow at the Security and Liberty Forum hosted by the Privacy and Technology Committee of the American Civil Liberties Union of North Carolina and the Department of Computer Science, UNC-Chapel Hill.

That’s Saturday, April 14, 2007 from 1-5 p.m., Chapman Hall on the UNC Campus.

Scant Evidence? That’s Voter Fraud Calling

One of the more clever country song titles I ever heard was If the Phone Don’t Ring, You’ll Know It’s Me.

That’s something like the predicament of searchers after the menace of voter fraud, who can’t seem to find much of it. The New York Times today reports that “scant evidence” exists of a significant problem.

Voter fraud is the idea that individuals might vote multiple times, in multiple jurisdictions, or despite not being qualified. This is distinct from election fraud, which is corruption of broader voting or vote-counting processes. While voter fraud (and/or voter error) certainly happens, it is apparently on a trivial scale. It probably has not changed any election results, and probably will not do so if ordinary protective measures are maintained.

This is important because voter fraud has been used as an argument for subjecting our nation’s citizens to a national ID. The Carter-Baker Commission found little evidence of voter fraud, but went ahead and called for adopting REAL ID as a voter identification card. One of the Commission’s members apparently retreated from that conclusion, having learned more about REAL ID.

For proponents of a national ID, if the phone’s not ringing, that’s voter fraud calling.