Tag: privacy

Miami-Dade Police Abandon Aerial Surveillance Plans

The Miami-Dade Police Department (MDPD) is scrapping plans to test persistent aerial surveillance technology following criticism from privacy advocates. This kind of technology has prompted privacy concerns in other cities, with Baltimore being perhaps the most notable. One of the best-known aerial surveillance companies allows users to keep a roughly 25 square mile area under surveillance and comes with “Google Earth with TiVo” capability. The news from Miami-Dade County, while reassuring, underlines a number of issues concerning federalism, privacy, and transparency that lawmakers must tackle as aerial surveillance tools improve and proliferate.

MDPD Director Juan Perez was set to ask county commissioners to retroactively approve a grant application to the Department of Justice for the aerial surveillance testing. The fact that MDPD was seeking federal money for the surveillance equipment reminds us that federal involvement in state and local policing should be strictly limited.

The aptly-named Persistent Surveillance Systems (PSS), the Ohio-based company that made the sensor system deployed in Baltimore, uses technology originally designed for military operations in Iraq and Afghanistan.

Military equipment has an unfortunate tendency to make its way from foreign battlefields into the hands of domestic law enforcement, as my colleagues have been outlining for years. This is a trend that ought to be strongly resisted.

It’s not clear if the Department of Justice’s Office of Justice Programs would have approved MDPD’s grant application, but given the current attorney general’s record on civil liberties, as well as the president’s own enthusiasm for aerial surveillance, we shouldn’t be surprised if similar grants are approved during the Trump administration.

Border Patrol Seeking Facial Recognition Drones

During his campaign, President Trump said that he wanted drones to patrol the border 24/7. Customs and Border Protection (CBP), a Department of Homeland Security (DHS) agency, has used drones originally designed for foreign battlefields in order to conduct border surveillance, although these efforts have hardly been efficient. Federal solicitation documents reveal that DHS is looking to smaller drones with facial recognition capabilities. This ought to concern Americans who value civil liberties.

Before unpacking why plans for CBP facial recognition drones are disquieting, it’s worth outlining what kind of capabilities DHS is looking for.

The solicitation notice states the following:

This OTS [Other Transaction Solicitation] call seeks novel sUAS [small unmanned aerial system] capabilities and technologies to augment CBP and USBP [U.S. Border Patrol] mission capabilities. In particular, DHS is interested in technologies and solutions that support USBP agent activities, including enhanced overall situational awareness or support during distinct events, such as detection, tracking, interdiction, and apprehension, and search and rescue (SAR) operations. USBP agents operate day and night in diverse and extreme environments across thousands of miles of the nation’s international land borders and coastal waters. Agents must patrol remote areas, often with significantly limited mobility, visibility and communications. Additionally, agents are often required to traverse rough terrain on foot while carrying large amounts of equipment and, with limited intelligence and support, resolve encounters with unknown and potentially hostile actors. DHS seeks sUAS solutions that can augment USBP capabilities in such conditions.

Because of the “very positive/robust response” to this solicitation, DHS is closing the OTS call early, with an April 27th deadline now in place.

The solicitation lists required sensor capabilities for the drones, including, “Provides a surveillance range of 3 miles (objective),” “Able to track multiple targets persistently,” and “Identification of humans via facial recognition or other biometric at range.”

Later on, the same document notes:

the sensor technology would have facial recognition capabilities that allow it cross-reference any persons identified with relevant law enforcement databases. The data gathered via the sensors would provide information to USBP agents including the presence and extent of potential threats and support the ability of the agent to determine an appropriate response.

If you’re an American adult reading this there is a good chance that your facial image is in one of these “relevant law enforcement databases.” A 2016 report published by Georgetown Law’s Center on Privacy and Technology revealed: “One in two American adults is in a law enforcement face recognition network.” A Government Accountability Office report from last year found that the Federal Bureau of Investigation’s facial recognition system has access to more than 411 million facial images, including the driver’s license photos from sixteen states.

When considering CBP’s activities, we shouldn’t only be thinking about America’s land borders. Current law allows CBP officials to stop and search vehicles within 100 miles of America’s external boundary in order to prevent illegal immigration. Roughly two-thirds of Americans live in this so-called “Constitution-free” zone. Although DHS’ solicitation mentions facial recognition drones being used as part of border patrol, we should be prepared for them to make appearances at interior checkpoints as well as at ports of entry.

Protect Your Privacy and Save Money by Telling NHTSA No to the Vehicle-to-Vehicle Communications Mandate

Comments on the National Highway Traffic Safety Administration’s proposed vehicle-to-vehicle communications mandate are due next Wednesday, April 12. This is one of the rules that was published just before President Trump was inaugurated. If approved, it will be one of the most expensive vehicle safety rules ever, adding around $300 to the price of every car, or (at recent car sales rates) well over $5 billion per year.

Despite the high cost, the NHTSA predicts the rule will save no more than 31 lives in 2025, mainly because it will do little good until most cars have it. Yet even by 2060, after consumers have spent well over $200 billion so that virtually all cars would have it, NHTSA predicts it will save no more than 1,365 lives per year. 

The danger is not that it will cost too much per life saved but that mandating one technology will inhibit the development and use of better technologies that could save even more lives at a lower cost. The technology the NHTSA wants to mandate is known as dedicated short-range communications (DSRC), a form of radio. Yet advancements in cell phones, wifi, and other technologies could do the same thing better for less money and probably without a mandate.

For example, your smartphone already has all the hardware needed for vehicle-to-vehicle communications. Since more than three-fourths of Americans already have smartphones, mandating similar technology in new cars is redundant. Since that mandate will take more than a decade to have a significant impact on highway safety, NHTSA could see faster implementation using smartphones instead. It could do so by developing an app that could communicate with cars and provide extra features on the app that would encourage people to download and use it.  

All of the benefits claimed for the DSRC mandate assume that no other technology improvements take place. In fact, self-driving cars (which will work just as well with or without vehicle-to-vehicle systems) will greatly reduce auto fatalities, rendering the projected savings from vehicle-to-vehicle communications moot.

A mandate that one technology be used in all cars also opens the transportation system to potential hackers. The communications would necessarily be tied to automobile controls, which means that anyone who understands it could take control of every car in a city at once. If individual manufacturers were allowed to develop their own technologies, the use of multiple systems would make an attack both more difficult and less attractive.

There is also a privacy issue: vehicle-to-vehicle also means infrastructure-to-vehicle communications, raising the possibility that the government could monitor and even turn off your car if you were doing something it didn’t like, such as drive “too many” miles per year. That’s a very real concern because the Washington legislature has mandated a 50 percent reduction in per capita driving by 2050. Oregon and possibly other states have passed similar rules.

Comments on the proposed rule can be submitted online or mailed to:

Docket Management Facility, M–30
U.S. Department of Transportation
West Building, Ground Floor, Rm. W12–140
1200 New Jersey Avenue SE.
Washington, DC 20590.

Big Data Tool For Trump’s Big Government Immigration Plans

During his campaign President Trump made it clear that his administration would strictly enforce immigration law while also seeking to limit immigration. Trump’s executive orders so far are consistent with his campaign rhetoric, including a revitalization of the controversial 287(g) program, threats to withdraw grants from so-called “Sanctuary Cities,” the construction of a wall on the southern border, a temporary ban on immigration from six Muslim-majority countries, and the hiring of 10,000 more Immigration and Customs Enforcement (ICE) agents. Recent reporting reveals that these agents, tasked with implementing significant parts of Trump’s immigration policy agenda, will have access to an intelligence system that should concern all Americans who value civil liberties.

Earlier this month The Intercept reported on Investigative Case Management (ICM), designed by Palantir Technologies. ICE awarded Palantir a $41 million contract in 2014 to build ICM. ICM is scheduled to be fully operational by September of this year.

Here is The Intercept’s breakdown of how ICM works:

ICM funding documents analyzed by The Intercept make clear that the system is far from a passive administrator of ICE’s case flow. ICM allows ICE agents to access a vast “ecosystem” of data to facilitate immigration officials in both discovering targets and then creating and administering cases against them. The system provides its users access to intelligence platforms maintained by the Drug Enforcement Administration, the Bureau of Alcohol, Tobacco, Firearms and Explosives, the Federal Bureau of Investigation, and an array of other federal and private law enforcement entities. It can provide ICE agents access to information on a subject’s schooling, family relationships, employment information, phone records, immigration history, foreign exchange program status, personal connections, biometric traits, criminal records, and home and work addresses.

Nationwide E-Verify an Unwelcome Step Towards a National ID

Senate Judiciary Committee Chairman Chuck Grassley recently reintroduced an E-Verify bill that ought to concern privacy advocates. If enacted, the bill would implement the employment verification scheme nationwide, something President Trump called for during his campaign. Nationwide E-Verify would establish the framework for a national ID system that would undoubtedly come to be used for more than the enforcement of immigration laws.

E-Verify allows employers to check a new hire’s information against government databases to confirm legal status. It is an ineffective system. One reason E-Verify suffers from inefficiency is that, as things stand, employers taking part in E-Verify use information from documents such as Social Security cards provided by employees. Because the E-Verify system matches employees’ names with a Social Security Number (SSN), it’s possible for an unauthorized worker using a fraudulent SSN to be cleared for employment. A 2009 audit commissioned by the United States Citizenship and Immigration Services estimated that 54 percent of unauthorized workers who submitted documents via E-Verify were erroneously cleared for employment thanks to fraud.

An effective E-Verify system would have to address this glaring loophole. One way of addressing E-Verify’s inadequacy is to include biometric information, such as a facial photograph. Such proposals are worrying.

The E-Verify system currently checks submitted data against Department of Homeland Security (DHS) and Social Security Administration databases. Section 11 of Grassley’s bill would allow the E-Verify system to include the “passport and visa record (including photographs) maintained by the Department of State” as well as driver’s license photos. Seven states voluntarily provide DHS with driver’s license data as part of the Records and Information from DMVs for E-Verify (RIDE) initiative. 

That Grassley’s bill explicitly mentions driver’s license photos is important. Allowing the DHS secretary to deem it necessary for the E-Verify system to confirm identity via driver’s license photos introduces biometric information that proponents believe will make the system more effective.

If the statute purports to require that 43 states provide DMV information, that raises constitutional concerns, but as the recent debates surrounding REAL-ID show, the federal government could try to coerce states into compliance. DHS announced last month that residents in nine states will need an identifying document other than a state driver’s license to fly if their licenses are not REAL-ID compliant by January 22, 2018.

Even if the federal government fails to force states to submit DMV data under a nationwide E-Verify scheme, there is still the possibility of nationwide E-Verify leading to a de facto biometric national ID card.

Power Arrangements in Identity Systems

Since the launch of the Sovrin Foundation, Phil Windley has been blogging a lot (no, really a lot and more, more, more, more, and more) about how self-sovereign identity works and can be used. His most interesting and accessible post for a liberty-minded identity-layperson might be “On Sovereignty,” in which he briefly lays out what it means to have a “self-sovereign” identity.

Sovereignty over your identity doesn’t mean having complete control over information about yourself, but it puts you in a peer relationship with others, including the larger organizations we deal with, such as governments. “The beauty of sovereignty,” Phil emphasizes, is the “balance of power that leads to negotiations about the nature of the relationships between various entities in the system.” I want to expand on this notion that there are power arrangements in identity systems.

In a centralized identity system, the identity provider (such as your Department of Motor Vehicles) determines whether you can assert information and what you can assert. Centralized systems also often share information about you, or facilitate such sharing, whether you want them to or not. Implementation of the REAL ID Act would essentially move these powers from state governments to the U.S. Department of Homeland Security.

A self-sovereign identity system, on the other hand, gives you power to assert information about yourself, which others may accept or reject. It also better positions you to decline to share information about yourself. Those powers are important.

“Power” is an elusive concept. We’re more familiar with talking about power in terms of political and legal arrangements, such as how the Constitution gives certain powers to the U.S. federal government or denies all U.S. governments other powers. But absent these rules, “pre-political” power is simply the ability to do something or act in a particular way, or the capacity to direct or influence the behavior of others or the course of events. Power comes down to what resources you can bring to bear in going after what you want.

The IRS Believes All Bitcoin Users are Tax Cheats

The Internal Revenue Service has filed a “John Doe” summons seeking to require U.S. Bitcoin exchange Coinbase to turn over records about every transaction of every user from 2013 to 2015. That demand is shocking in sweep, and it includes: “complete user profile, history of changes to user profile from account inception, complete user preferences, complete user security settings and history (including confirmed devices and account activity), complete user payment methods, and any other information related to the funding sources for the account/wallet/vault, regardless of date.” And every single transaction:

All records of account/wallet/vault activity including transaction logs or other records identifying the date, amount, and type of transaction (purchase/sale/exchange), the post transaction balance, the names or other identifiers of counterparties to the transaction; requests or instructions to send or receive bitcoin; and, where counterparties transact through their own Coinbase accounts/wallets/vaults, all available information identifying the users of such accounts and their contact information.

The demand is not limited to owners of large amounts of Bitcoin or to those who have transacted in large amounts. Everything about everyone.
