Selected Information Gathering Systems – Project 2

With the ongoing revelations of former defense contractor, Edward Snowden, and other recent events surrounding the activities of the United States intelligence community in general, and the National Security Agency in particular have been under a lot of fire from some American citizens. PEW Research Center recently published a survey that showed that 17% of Americans claim to be “very concerned” about this surveillance, while 35% say that they are “somewhat concerned.” The government has been deemed overly invasive and people have begun doing things like creating stronger passwords, encrypting information on their computers and/or phones, or paying cash rather than using a credit card all in order to avoid government surveillance. Yet, intelligence agencies are not the only one collecting information. Even before this, the information age, universities have been a prime example of surveillance and information gathering systems. This report (can be accessed by using the link at the end of the post) shows various information gathering systems at the University of Utah. Due to time constraints and manpower limitations, this report does not attempt to identify or discuss all the surveillance systems in operation at the University. A list of persons interviewed for this report is attached as Appendix A. We wish to thank those University employees and administrators for their openness in meeting with us.

Selected Information Gathering Systems at the Univeristy of Utah

Week 9 News Digest

Hampton entrepreneur seeks to launch privacy-friendly search engine

March 4, 2015

http://www.post-gazette.com/local/2015/03/04/Hampton-entrepreneur-seeks-to-launch-privacy-friendly-search-engine/stories/201503040198

While Google openly collects data on every search performed, this information may be used by governments or other entities to monitor individuals or groups of people. A new search engine alternative released under the name “Jumbawumba” uses Google’s technology to obtain search results, but doesn’t allow the search engine to see who made the original inquiry. Instead, Jumbawumba masks the request by sending it through their own servers first, breaking the direct link between the searcher and the search engine. The website, whch started on Kickstarter.com, will charge a fee for large-scale, automated searching, but is free for regular users who want to obtain information discreetly.

 
Blackphone 2, Sikur, CryptTalk: Privacy And Call Encryption Evolves

March 4, 2015

http://www.forbes.com/sites/jenniferhicks/2015/03/04/blackphone-2-sikur-crypttalk-privacy-and-call-encryption-evolves/

Silent Circle, the company who created the first smart phone built from the ground up for security and privacy recently released the second model of this phone, the Blackphone 2. This phone features an octa-core processor, 3 GB ram, and a proprietary operating system called Private OS 1.1. For users who don’t want the hefty price tag attached to the phone ($500+), a Swedish company called Arenim has created an app called CryptTalk, which provides call encryption. Another company, Sikur, offers a new smartphone called GranitePhone. This phone is designed to protect the exchange of sensitive and confidential data and is expected to ship by Q3 of this year.

 

Colorado lawmakers seek penalties on using drones to invade privacy

March 3, 2015

http://gazette.com/colorado-lawmakers-seek-penalties-on-using-drones-to-invade-privacy/article/1547236

Lawmakers in Denver, CO are struggling with legislation restricting drone usage. Legislators are working to resolve exceptions for everyday photography, but have met with challenges. The House Judiciary Committee is considering a bill which would make it a crime of first-degree trespassing to take images of someone when they have an expectation of privacy. In addition to trespassing charges, drone users could also be charged with harassment. Some representatives are against the bill, warning that it may lead to a sweeping reform which criminalizes photography.  Lawmakers are working to future-proof laws to protect their work against the ever-changing landscape of new technology.

 
FBI email warns whistleblower of retaliation if surveillance program concerns reported

March 3, 2015

http://www.washingtontimes.com/news/2015/mar/3/fbi-email-warns-whistleblower-of-retaliation-if-su/

An FBI communication recently told a potential whistleblower that he could face retaliation if he comes forward with concerns about political interference with a secret terrorism and counterintelligence program. The e-mail came from a bureau attorney and has raised questions in congress about the FBI’s ability to properly handle accusations of wrongdoing and protection of whistleblowers. The Senate Judiciary Committee met on Wednesday to take testimony regarding the FBI’s whistleblower protections. The e-mail also confirms long held beliefs in Congress that the FBI’s protections in place for whistleblowers are currently being pushed aside in favor of bureaucratic tradition. In February, a Government Accountability Office report found that nearly 90% of FBI whistleblower claims were dismissed. This means that many of these concerns around surveillance programs within the FBI are being ignored and pushed to the side.

 
EFF to UN: You Need a Privacy Watchdog
March 4, 2015

https://www.eff.org/deeplinks/2015/03/eff-un-you-need-privacy-watchdog

The EFN recently joined sixty civil liberties unions and public interest groups to call on the UN to create a Unite Nations Special Rapporteur on the right to privacy. The special rapporteur is an independent expert appointed by the Human Rights Council to ensure that privacy is defined and understood by members of the global organization. The creation of this role would serve to further common understanding among United Nations members and help foster discussion among world powers and the public. The U.N. Human Rights council is holding its 28th session in Geneva and it will conclude on March 27th.

Week 8 News Digest

NSA chief seeks compromise on encrypted phone snooping

February 23, 2015
http://phys.org/news/2015-02-nsa-chief-compromise-encrypted-snooping.html
In Washington, Monday February 23, the National Security Agency chief proposed that a compromise can be made when it comes to access encrypted devices. National Security Agency Director Admiral Mike Rogers, stated that he does not believe Americans should be divided on the issue of encryption. Rogers said that in the fight against terrorism, the concerns are the same as in law enforcement, and endorsed the view expressed by FBI director James Comey on gaining access to encrypted mobile devices. Rogers’ stated that “We fully comply with the law…we do that foreign intelligence mission operating within (a legal) framework.” The point of the conference was to bring awareness to the NSA’s belief that there should be a common ground with the tech sector on the issue, instead of a nothing or everything.

Alleged Hacker belonging to the hacking crew Lizard Squad run a DNS hajacking attack against the Google Vietnam domain.

February 24,2015
http://securityaffairs.co/wordpress/34058/cyber-crime/lizard-squad-dns-hijacking-google-vietnam.html
Users who accessed the Google Vietnam website were presented with a picture of a man taking a selfie, along with a message that claimed the site was hacked by Lizard Squad. The hackers also took the opportunity to advertise their Lizard Stresser DDoS service. Although Google Vietnam wasn’t actually hacked, the attackers directed the visitors to a defacement page through DNS hacking. The attackers managed to redirect users by changing the Google name-servers to CloudFlare. Experts believe this was either done to confuse network analysts and legacy tools, or the attackers simply didn’t care what type of IP address they were using as long as they achieved their goals. The name-server records were restored roughly two hours after the attackers had changed them.

Gemalto presents the findings of its investigations into the alleged hacking of SIM card encryption keys by Britain’s Government Communications Headquarters  and the U.S. National Security Agency

February 25,2015
http://www.gemalto.com/press/Pages/Gemalto-presents-the-findings-of-its-investigations-into-the-alleged-hacking-of-SIM-card-encryption-keys.aspx
On February 25,2015 the European SIM maker of Gemalto said they have investigated the past records of attempts of attacks. The website made the allegations on the theft of the keys — which encrypt and decrypt data — based on a document leaked by former NSA contractor Edward Snowden. But the company denied that these attacks resulted in a large-scale theft of encryption keys. The company said the aim of the operation was to intercept the encryption keys as they were exchanged between mobile operators and suppliers.

Most popular apps vulnerable to hacking: McAfee

February 24,2015
http://timesofindia.indiatimes.com/tech/tech-news/Most-popular-apps-vulnerable-to-hacking-McAfee/articleshow/46357311.cms

Intel Security’s McAfee Labs is reporting that the vast majority of the most popular mobile apps found to be vulnerable to man-in-the-middle attacks in research performed last year remain exposed to attacks. According to McAfee Labs, nearly three-quarters of the 25 most downloaded apps on CERT’s list are still unpatched. Although the researchers did not find evidence that these apps had been exploited, the number of downloads for the apps ranges into the hundreds of millions. The latest findings were included in the McAfee Labs Threat Report of February 2015, which also revealed that mobile malware samples jumped 14 percent during the final quarter of 2014. At least eight percent of all McAfee-monitored mobile systems reported an infection in the fourth quarter of last year.

Old Vulnerabilities Still Popular Targets for Hackers: HP

February 23,2015
http://www.securityweek.com/hp-cyber-security-report-reveals-old-vulnerabilities-still-popular-targets

Vulnerabilities in older code is continuously becoming a big risk for hacking, according to the HP report. Hackers have used older methods and codes from years ago, even decades ago. The most targeted 2014 CVE was CVE-2014-0322, a vulnerability in Microsoft Internet Explorer, leaving corporations exposed.

Our Surveillance State and Resisting

In a society with ever-increasing amounts of surveillance, it is not a big leap to argue that there will be a range of opinions regarding surveillance. The reasoning behind surveillance is something that is often questioned. Modus operandi, or methodology, is something that is also brought into the spotlight. Arguments could be made for why ever-increasing levels of surveillance are necessary. There are just as many arguments for why it is not. Regardless of the arguments surrounding the levels of surveillance seen in society, the surveillance is there. As a result, there are groups and individuals who have taken it upon themselves to resist the surveillance state in which we now live. The methods and effectiveness of these resistances are open to interpretation, yet the fact still remains: Resisting is necessary, however effective or ineffective it may be.

In his article, “A Tack in the Shoe: Neutralizing and Resisting the New Surveillance” Gary Marx, an Emeritus professor at MIT, stated that there are a primary set of eleven concepts to aid in the avoidance of surveillance. These include masking behaviors, Distorting, avoidance, piggy backing, and simple refusal behaviors. Professor Marx outlines types of behaviors that allow one to resist the surveillance on a general level, with what he describes as “resistance or non-compliance.” He goes into how each type of behavior may be implemented to aid in the everyday resistance of surveillance. For Example, he describes how piggy backing actions can hide when one might enter or exit a building. Assuming you have legitimate purposes and clearance to enter an area, instead of swiping your card upon entering to open a door, merely walk in as someone else swipes. The technique of discovering what surveillance may be active is a form of surveillance all its own. Marx outlines another example of a radar detector in a vehicle. It can detect if a police officer is using radar. The counters surveillance, or “discovery surveillance” works as long as it is assumed there is actual surveillance in place.

There are ways to resist the surveillance we now face. One example is the Detekt softwares. It is designed to be used on windows PCs in order to detect spyware used on a commercial scale to monitor a staggering number of individuals. It is recommended that if you suspect that your computer is tagged to disconnect it from the Internet and all networks. This is in the hopes to limit further observation. There are a large number of tools to fight against malware and spyware. These tools have become necessities for maintaining one’s privacy.

In a recent article in Al Jazeera America, Resisting the Surveillance State of Mind,” authored by Norman Solomon, Solomon quoted a German named Wolfgang Schmidt. Schmidt was a Lieutenant Colonel in the german Stasi, the former East German Special Police. Schmidt compared the surveillance he oversaw in the 1980’s. He states it was tiny in comparison to the NSA’s programs. He also stated that for an operative, this level of surveillance would have been “a dream come true”. This is coming from someone who worked in what is historically viewed as one of the most repressive intelligence groups ever formed. Part of the reason for this is because its role was not defined in any legislation in East Germany, meaning that its de facto purpose was to spy and survey all information both domestically and externally. Granted, this comparison is a little unfair for a number of reasons, one example being the NSA has a tendency not to physically destroy dissidents. The point remains that the Stasi relied on 2,000,000 collaborators and 100,000 employees. According to the Encyclopedia Brittanica, the information they gathered allowed them to infiltrate every institution and aspect of daily life. The invasive network of technology that is constantly gathering information on behalf of the NSA, it could be argued, is rather similar. The similarities stretch into the choice to operate and enhance incredibly invasive programs. The Stasi through their network of citizens turned informants, and the NSA through their amassing of astronomical amounts of mobile phone metadata.

Norman Solomon also brings up an important point in the same article. He writes, “Technology is a convenient scapegoat for escalating invasions of privacy. But there is nothing inherent in technological progress that requires such violations of human rights and civil liberties.” This is an important distinction. There is no reason that new developments in technology must spell out new methods of increasingly invasive surveillance. That means that the network that the United States government has in place becomes exponentially more disturbing with each revelation. All this outlines why resistance to this system is important. Perhaps if not resistance, certainly making it more difficult for those who would seek to gather all information to gain “Total Information Awareness.”

In an editorial for Reason.com, Steve Chapman stated that privacy showed definite signs of life. Citing the the architect of the Patriot Act, Rep. James Sensenbrenner, he outlined how the Patriot act initially was structured to prevent this sort of data mining. The picture painted by this information is that often Law makers twist a program, meaning it begins to suit the desires of the politicians, as opposed to the purpose for which it was originally conceived.

That beings said, there are some methods of surveillance for which there are not many tools to resist. There are not large numbers of tools for public camera surveillance beyond the run of the mill hat or hood. Cell phones, simply by being on your person, can lead to you being tracked. This can occur without GPS, simply by studying the battery level of phone. The battery level in Android devices produces battery statistics, which can be used to build a tracking model of the individual in question. The algorithm designed by researchers at Stanford allows for battery level to outline a rough path of the phone, allowing for basic tracking through nothing but the battery level. Granted, the program must first know what battery is communed across various paths, but once that information is obtained, tracking can occur. The theory behind this is that phones use different levels of power at different differences from different towers. There is a 2/3 success rate, with an accuracy of 150m for this program, but it goes to show how easy technology can be used to survey people in their daily lives.

Ultimately, surveillance comes down to information gathering of those who are deemed to have the interest of those doing the watching. Those being surveyed often (almost completely) have no choice in the matter. That being said, there are services and behaviors that can be avoided. Paying cash, leaving phones at home, using a PO box, and other such behaviors that can limit that information can be gathered. But if someone is determined to find information, it will be there. However seemingly insignificant something may seem, like the battery level on your phone, with the right mind behind it, can determine where you have been. Lieutenant Colonel Schmidt also said, “It is the height of naivety to think that once collected, this information won’t be used. The only way to protect the people’s privacy is not to allow the government to collect their information in the first place.” Resisting the surveillance and gathering of information is crucial because it allows individuals to retain their personal liberties and keeps the government in its place. It has also been voiced by many that bulk collection is often inherently ineffective. If this was the case, it would mean that the argument could be made that large often ineffective surveillance provides data which is used in secondary ways other than the originally intended purpose. Resistance to this model is necessary, because it is not an acceptable model for a nation to adopt. This model is not acceptable because though legality is often a matter of who you ask, it is undeniable that it is not in the spirit of the Constitution and its amendments. For example, though Phone metadata to some may not constitute unreasonable search and seizure, it is seriously at odds with the spirit of the 4th amendment.

Week 7 News Digest

What we know about the bank hacking ring—and who’s behind it

February 16, 2015

http://money.cnn.com/2015/02/16/technology/bank-hack-kaspersky/index.html?iid=SF_T_River

Hackers managed to steal up to one billion dollars from banks in Russia, Germany, China, and the Ukraine. They were able to hack ATMs in a way that allowed them to control them from a distance. Hackers were able to get deep enough into banks’ computer systems that they were able to get client’s email address. They sent emails pretending to be the bank, that when opened, installed malware on the computers. They were then able to transfer money from client accounts to their own private accounts. The hackers are said to be from Russia, China, and some parts of Eastern Europe.

 

Breach index: Mega breaches, rise in identity theft mark 2014

February 13, 2015

http://www.scmagazine.com/breach-index-mega-breaches-rise-in-identity-theft-mark-2014/article/398236/

2014 was the year for data breaches with reports showing that more than one million records were compromised. 54% of those breaches were identity theft breaches. The amount of identity theft breaches have increased by 20% since 2013. Tsion Gonen, vice president of strategy for identity and data protection at Gelmato’s Breach Level Index, believes that the reason identity theft has increased and credit card has decreased is because attackers are looking for the most valuable information that they can piece together to use later on. Gonen also says that financial organizations have helped to decrease the amount of credit card theft because they have cut down opportunity by watching closer for fraud alert.

 

UK admits unlawfully monitoring legally privileged communications

February 18, 2015

http://www.theguardian.com/uk-news/2015/feb/18/uk-admits-unlawfully-monitoring-legally-privileged-communications

On Wednesday, February 18, 2015, it was uncovered that UK intelligence agencies have been monitoring emails and other communications between lawyers and their clients. Communications between lawyers and their clients had a special protected status under UK law, but was clearly violated by agencies such as MI6. This revelation is evidence that the policies that were in place as of January 2010 have not been met. Intelligence agencies involved have admitted to acting unlawfully and are now to work with the interception of communications commissioner in order to make sure that the policies protect human rights and are observed.

 

The Greatest SIM Heist: How spies stole the keys to the encryption castle

February 19, 2015

https://firstlook.org/theintercept/2015/02/19/great-sim-heist/

Members of the NSA and Britain’s GCHQ (Government Communications Headquarters) hacked into Gemalto, the largest manufacturer of SIM cards in the world. They stole encryption keys that would allow them to monitor communication without the approval of the companies or foreign governments. The GCHQ also says that they are able to manipulate the billing services of cellular companies. This ability would allow them to suppress charges, allowing them to keep their actions secret. The GCHQ is also able to decrypt data and voice communications between cell companies and their clients. There is an outcry from many, claiming that this is not something that secret services should be doing.

 

AT&T is putting a price on privacy. That is outrageous

February 20, 2015

http://www.theguardian.com/commentisfree/2015/feb/20/att-price-on-privacy

AT&T has plans to track and sell users’ Internet activity. This would include the websites that customers are visiting, the duration of their visit, search history, and ads that you see and follow. They would sell this activity to businesses to aid them in providing targeted advertising. This cannot be avoided through using the privacy setting. If a customer wished to opt-out of this system, they would have to pay a $29 fee each month. This extra charge is controversial because it is pushing privacy to something that is selective. Putting a cost on privacy takes a way the rights of people that cannot afford it but that should be allowed it.

 

Week 5 News Digest

AT&T texts can be faked to hack you

http://money.cnn.com/2015/01/23/technology/security/att-text-hack/index.html

In case of an emergency or any case that requires it, AT&T sends out mass text to all of their subscribers. This can range anywhere from an Amber Alert, or a Data Usage Alert. The problem here is that the way that AT&T send messages is that they do it very simply and very easy to mimic. On the link above there is a picture that depicts an authentic AT&T message from AT&T, and a fake one that someone made up. They almost look identical. The reason that this can be dangerous is that people can hack into your phone and get various different information that they can use against you. This in the end can be very destructive to many people.

 

The 3 places where Facebook censors you the most

http://money.cnn.com/2015/02/06/technology/facebook-censorship/index.html

Facebook is notoriously known as the social media site where everybody visits. Almost every country who has access to the internet have Facebook accounts. One of Facebooks big policies is they are supporters of freedom of speech, which is why they have a problem in countries such as India, Pakistan, and Turkey. All of these countries require Facebook to monitor its country’s people’s post, and take down anti-government post, or anything offensive towards government officials. The problem here is that people generally don’t want to be monitored and these countries take away their freedom of speech by requiring Facebook to monitor every single post that is posted.

 

Insurance giant Anthem hit by massive data breach

http://money.cnn.com/2015/02/04/technology/anthem-insurance-hack-data-security/index.html

With the recent hack of Target, Home Depot, an Ebay, another company can be added to the list of people who have been hacked and people’s personal information stolen. Anthem Insurance, the second largest medical insurance company in the world, was recently hacked and the result of the hack was the compromising of 80 million of people’s information. Among this information: birthdays, social security numbers, income information, and email and street addresses of many of Anthem’s customers. With the specific information stolen, it is very dangerous for the people who had information about them stolen because the harm that can come out of the information stolen is great.

 

Why should we trust the Sony PlayStation Network ever again?

http://money.cnn.com/2015/02/02/technology/security/sony-playstation-hack/index.html?iid=EL

Sony in recent years just are unlucky in the department of hacking. There have been many instances where people, or agencies have hacked into the network and shut it down for a period of time. The worst one was back in 2011 when the network was shut down for a month and millions of subscriber’s information and credit card information was stolen. Then there was the Sony Pictures hack by North Korea over the movie “The Interview” a couple months ago. The most recent hack was Super Bowl Sunday, February 1st, the network was hacked and was shut down for about six hours. Many loyal customers of the Play Station have considered, if not already, leaving the network and going to Microsoft because their network is more secure and not nearly as often as Sony’s.

The cost of doing business in China: Spying

http://money.cnn.com/2015/01/29/technology/security/china-business-spying/index.html?iid=SF_T_River

Relations between the US and China have been stained for a very long time, especially since Snowden released the information that the US were spying on Chinese government officials. Recent events have led China to make regulations on any foreign company’s technology that is used inside the country. They require now that companies make their technology less secure and easier to hack into, I find this very funny because why can they get better hackers?  Some US companies tried to get the Chinese government to reconsider the restrictions but nothing has come of it yet. So ultimately, China just wants it easier to spy on American technology and have power and control over what they do in their own country.

Lateral Surveillance

What is lateral surveillance and is it helpful or hurtful? Lateral surveillance is any type of surveillance that comes from another person or thing watching another. There are people who think that lateral surveillance is helpful and helps keep peace in everyday life and then their are people who think that lateral surveillance is hurtful because it bring more surveillance that is intruding on their privacy. The Department of Homeland Security is one of the big reasons why there is lateral surveillance because they make campaigns like the “If You See Something, Say Something.” They use sports stadiums, hotels, local transportation, airports and even Wal-Mart to help with terrorism and crime prevention practices. Why lateral surveillance is hurtful to people is because the Department of Homeland Security is using peer to peer monitoring which means they are using the people around you like neighbors, family members, shoppers when you’re at the supermarket, sports fans when you’re at a game as their eyes and ears to listen and watch everything you do.

Technology has also played a big role in lateral surveillance because it’s made new way in which our friends, foes, employers and even police officers could watch, listen and record us. Social media has also helped in lateral surveillance because it’s basically letting your peers or your co-workers survey you which is an easy way to for them to profile to see what type of person you are. Social media sites were made as an easier way of interacting with people that don’t live near us like family members or to catch up with old friends and to make new friends. If you are using a social media site like Facebook or Twitter you are being laterally surveyed every time you post, like or comment on one of these sites and the thing is, the information you post can be seen by everyone, this is like a snoops dream to get information about you. This is why some people don’t get social media accounts because they already know that the Department of Homeland Security is watching them but that’s not always the people watching them so why give them another way in which they can watch you. There has been some good that comes from lateral surveillance on social media site like when people post about crimes that they have done or are going to do and law enforcement agencies are able to arrest them. http://mic.com/articles/54961/8-social-media-users-arrested-for-what-they-said-online Technology has also brought many tools that people use that can be used to lateral surveillance you in your everyday life like body cams, drones, smart phones, etc. Now with the FBI using facial biometrics to identify people they could basically put anyone of their server just by using a picture from your Facebook or Twitter and they would be able to identify you out in public. The thing is that you wouldn’t even have to have a Facebook or Twitter because if someone posted a picture of you on their account they could use that picture to identify you.

Surveillance was a big concern to a lot of people in the past and now it seems like people just consider it a day to day thing that is going on and that there is no way to avoid it. Your peer or even your co-workers are surveilling your every action or and even people you walk by are surveilling you so there is no way to get around a lot of lateral surveillance. Most people I feel, don’t know that there are ways of getting around lateral surveillance and if they do know how to get around it they won’t usually take the time to do something about it. A good lateral surveillance is a neighborhood watch because it is put in place to help protect the neighborhood and is a physical lateral surveillance that impacts the environment of the neighborhood. The only problem with neighborhood watches is that some of the citizens over think their power and they take actions into their own hand by thinking that they are the law. This is when the neighborhood gets affected negatively because the watches are then invasive to peoples privacy.

I feel like privacy concerns over the years have really dropped off because people really do just consider it a everyday thing and it will happen anyway or they just don’t care anymore. I think that if people were to learn about all the privacy and security invasions that they would want to know more on how they could stop it or learn more on how they can prevent privacy of security invasion from happening to them. If there was a way to teach people about lateral surveillance and the way to avoid it, then we would have less privacy issues and we would be able to be in more control of the surveillance about us.

 

Facial Recognition: Privacy vs Security

August 9, 2014 will live in the hearts of many as a day of a tragic injustice. A young black teenager was shot by a white police officer in Ferguson, Missouri. People across the country protested the behavior of the officer, deeming his actions to be based off of feelings of racial superiority rather than justice. The accounts of witnesses vary, but if there were a video that showed exactly what happened, it would make all the difference. In the wake of the shooting, and ultimately the death, of 18-year-old Michael Brown, there has been a bigger push than ever to have police officers wear body cameras. President Obama strongly advocates for such cameras and has proposed a plan that would pour 75 million dollars into federal spending to allot 50,000 recording devices for police departments. However, the decision to implement body cameras is much more complex than just finding the money to do so. There are many privacy concerns that come along with this decisions. Concerns such as when will the camera be on (do the officers get to pick and choose what is going to be recorded?), how long will the footage be kept, who can access the footage, will the cameras hinder people’s willingness to give cops tips, what technology will be used, and what privacy infringements will accompany these camera? Enabling these cameras to have facial recognition technology is one of these privacy concerns and this post will address those concerns.

First, to truly understand the debate, it is essential to know how facial recognition technology operates. Facial recognition technology uses an algorithm to measure unique facial features such as the space between the eyes, the depth of the eye sockets, the shape of the cheekbones, the length of the jawline, or the width of the nose. It uses these measurements to make what is called a face print. Face prints are just as unique as fingerprints; although, fingerprints are still a more accurate source of biometric identification. Another algorithm is used to then run face prints with other photos that are in the database, searching for a match.

The use of this technology is not new—Facebook and Google+ use it to help you identify friends or yourself in photos, Find My FaceMate uses facial recognition technology for dating purposes, casinos use it to monitor players that have been marked as cheaters or suspicious people. There is even a university in the UK that was using facial recognition technology to take roll. Companies are working to use facial recognition technology to find the age and gender of someone looking at their digital kiosk so that they can advertise specifically to that person. The ethics of all these uses are debatable, but there are currently no legal restrictions on commercial use of facial recognition technology. However, when it comes to law enforcement, the idea of utilizing facial recognition technology is primarily seen as negative by our society.

But, why? We’ve all seen movies that portray facial recognition technology as heroic: it’s a fast way to scan a group of people and find the criminal. It helps the good guys win in a matter of seconds. However, there are some legitimate privacy concerns such as what database would the police officers use and would use of this technology by law enforcement destroy anonymity?

The FBI is working to build a database that is “bigger, faster, better”. This database is called Next Generation Identification (NGI) and currently contains more than just fingerprints, it also contains face prints. The NGI does not get the images from mug shots alone. In fact, according to the Electronic Frontier Foundation, by this year, the NGI will contain 4.3 million images that were not taken for criminal purposes. EFF goes on to explain how if you apply for a job that requires a background check or fingerprinting, the FBI stores your prints in its civil database. However, with the use of facial recognition technology expanding, employers may require a photograph, or “mug shot”. This would then put your information into the NGI along with your fingerprints. The danger in storing criminal and non-criminal data together is that non-criminals could be falsely incriminated merely because their face print and fingerprints are in the database.

Another issue concerning the database is that there is currently no legislation that would block law enforcement from gaining information from organizations such as Facebook. Although the FBI says that it does not currently share information with such sites, who is to say that they won’t in the near future? The problem with the rapid increase of more sophisticated and accessible facial recognition technology is that it is not regulated. Despite tragedies of police brutality, allowing body cameras to have live stream access to facial recognition technologies is rash if it precedes necessary regulation that would protect an individual’s privacy.

One of the biggest concerns that comes up with allowing police officers to have their body cameras equipped with live stream facial recognition technology is that it robs people of the right they feel they have to be anonymous. Facial recognition technology robs by passively tracking and collecting personal biometric data without a warrant. In the Arizona Law Review, Sabrina Lochner says that under the Fourth Amendment, “law enforcement may take a picture of someone’s face from a lawful vantage point without reasonable suspicion or probable cause; there is no reasonable expectation of privacy as to the face, which is constantly exposed to the public.” However, she goes on to say that running the picture through facial recognition technology is not justifiable without reasonable suspicion. If police were equipped with body cameras that used facial recognition in live time, they would be unjustly collecting information on innocent people. This would destroy anonymity. It would restrict what people will do in public, whether it is good or bad.

The privacy concerns that accompany this decision are valid. However, I personally think that the pros of having officers equipped with facial recognition on cameras outweigh the privacy concerns. In Seattle, police officers are using the technology with their own city-determined rules that include annual audits, restrictions on what officers can use the technology, and required logs on usage. Legislation that strictly defines what government agencies are and are not allowed to do needs to be passed before equipping our police officers with body cameras that use facial recognition technology. In this debate, the answer cannot be merely privacy or security; there needs to be a balance that will allow citizen’s privacy and law enforcement’s means to protect citizens.

Surveillance in the Modern Workplace

For as long as there have been employees and bosses to manage them, there has been workplace surveillance. From the foreman of a construction site, leering managers in a cubicle-filled office, and drill sergeants in a military line; it is a commonly held belief that monitoring workers is essential to keeping them in line. The advent of modern electronic surveillance systems has created a workplace environment in which the boss is always looking over your shoulder.

The ever-increasing sophistication of these electronic surveillance systems presents equal concern surrounding their use, as well as the effectiveness of these sometimes invasive systems. Privacy in the workplace takes many forms: it can be as simple as monitoring of e-mails and call logs, but it may also include sophisticated camera systems by which every movement, every served drink, and every service ticket is monitored, recorded, and analyzed.

Workplace surveillance gives cause for concern when employers are able to monitor personal correspondence, such as the content of messages and voice calls. In California, state law requires that both parties be informed that the call is recorded by a beep or recorded disclaimer. However, employers are required to stop the monitoring once it is realized that it is a personal call. It is unclear whether any currently available software is capable of discerning a personal call from a business related call, and what happens with the already recorded data. This means that the content of a phone call may need to be heard by an employer before they can make a determination that it is personal.

In the digital age, employers face increasing scrutiny from employees who, through social media, have been given more visibility than ever before. From expletive-laden comments on Twitter, to entire blog sites dedicated to criticizing their employer, consumers and employees alike have the ability to reach millions with the click of a mouse. It is important that employees, and their employers, are given clear guidelines to protect the interests of each party. To ensure that this extends across all industries and jobs, legislation may be a necessary part of the solution.

Companies see surveillance as a way to protect their interests. This may extend into the personal lives of employees by monitoring their social media usage, ensuring that nothing is said or done which may damage the reputation of the company.  Employers may also find ways around these laws by hiring third parties to monitor employee social media accounts for them. A number of employers have even fired employees for content they’ve posted online. Huffington Post, an internet news blog, has an entire section dedicated to people who have been fired due to posts on social media.

Although many believe that grievances aired off the clock and on their social media accounts are protected acts, they are likely not. The National Labor Relations Board found several instances of lawful terminations linked to social media “gripes”. Employees are subject to surveillance off the clock on their social media accounts and may face disciplinary action if sharing these ideas online. Legislation exists to protect employees in places such as Colorado from employer control of social media accounts. However, employees are still subject to any information which may be publicly available or leaked.

While employers may find it important to ensure they hire people who they believe will fit their image, it could be argued that employees should have the right to privacy, even if using company property to conduct personal business. Legislation keeping social media and personal e-mail account access from employers should be enacted to allow employees to maintain privacy. This is a reasonable expectation because countless employees use company devices to access personal accounts every day. As a result, social networking and electronic communication have become an important part of everyday life.

Aside from protecting digital information, employers and employees alike are increasingly concerned with physical security of employees. An FBI report released in 2014 details a trend of increased workplace shootings over the last seven years. Despite possible tax incentives for hiring convicted felons, employers may be held liable for workplace violence by knowingly retaining employees who have shown to have a violent criminal past. Because of this, many employers may feel an obligation to monitor to mental health and/or communications of their employees.

Monitoring the behavior and physical location of employees provides employers more control over what happens in the workplace. Physical monitoring may be successfully accomplished by video monitoring, as well as GPS tracking on vehicles both personal and company-owned. Understandably, these practices face varying degrees of resistance. Employees often feel entitled to privacy from their employers while off duty. While on the clock, however; courts have generally ruled in favor of GPS monitoring during work hours, regardless of vehicle ownership.

Privacy legislation can take shape in different ways than we might imagine. Recent legislation in Utah, HB0242, provides public employees with the right to a private room in which to breastfeed. The physical privacy afforded in this bill does not extend to private employees in the state, perhaps because of the burden it would put on businesses. Despite this, it may be in the interest of mothers across the country if such legislation was enacted to protect their right to privacy equal to their government peers.

Part of creating clearly outlined rules in regards to privacy in the workplace is the opportunity to create an environment which fosters trust and communication between the employer and the employed. Legislation requiring employers to clearly communicate surveillance practices within the workplace keeps both parties in check, and can help to avoid embarrassing situations. It also enables employers to create an expectation while employees understand what kind of information their employer may capture if they log into their Facebook on a company computer.

Employees should have a right to know when electronic surveillance exists in any form. This information should be disclosed fully and in an upfront manner, such as in an employee handbook. Certain states, such as Connecticut, have created legislation which ensures that employees are given this very kind of advance notice of any electronic monitoring in the workplace.

The rapidly evolving landscape of electronic surveillance requires that these issues are quickly addressed, and that it is done in ways which produce the most future-proof legislation possible. Questions of second use and data retention must also be considered beyond the simple collection of information in the workplace. Although it may be possible to create a compromise through negotiations between employers, employees, and clients, this doesn’t guarantee standards which are applied to every employer, or even every industry. Because of this, legislation may be necessary to provide a base level of protection and compromise for both employers and employees.

Legislation surrounding workplace surveillance must be carefully crafted to protect privacy and safety in favor of employees, while not crippling employers’ ability to maintain their brand image or the security of sensitive data.  Federal laws regarding workplace monitoring already exist, such as the Electronic Communications Act, 18 USC 2150, which allows for unannounced monitoring of business calls across state lines, similar to the aforementioned law in California. This law has the important distinction that an employer must cease monitoring when the employer realizes the call is personal.

Any legislation enacted must not prevent individual employers and employees from striking a balance which both consider favorable and beneficial. The goal of any legislation should lift the burden of these technologies from both parties and allow everyone involved to benefit from them, without being damaging to the reasonable interests of either.

Week 16 News Digest

Failing Security System at Biden’s House

 

January 18th, 2015

 

http://www.washingtonpost.com/politics/surveillance-cameras-at-biden-house-provide-no-clues-about-gunman/2015/01/20/6e17ec8c-a0d4-11e4-903f-9f2faf7cd9fe_story.html

 

Gunshots were fired at Biden’s residence and failed to be captured by the security cameras. They said that the shots came from the main road but the cameras are facing adjacent of the house. The house is said to have history of problems with the security system. The security system was so unreliable that it would have false alarms and it would give incorrect data so the secret service turned the system off. In November it was said that system was getting fixed because the media found out about the problems with the system. With the shooting taking place the secret service now wants to put more cameras on the property.

 

Google Glass Bringing Up Privacy Issues

 

January 16th, 2015

 

http://abcnews.go.com/Technology/glassholes-privacy-issues-troubled-run-edition-google-glass/story?id=28269049

 

The product glass by google is now having to go back to the drawing board because of the privacy concerns. The main concern is the camera on the glass and how it can be used in a public setting. A number of places have started to ban google glass and the Motion Pictures Association of America are warning theaters about them because of the record feature they have. John Simpson told Associated press that glass “is a perfect stalker’s tool, and it’s difficult to see how they solve that.” Google says that they are still going to sell glass and they are hoping to make better versions down the line because they are “building for the future.”

 

Terrorist Breaches in France

 

January 12th, 2015

 

http://www.cnn.com/2015/01/11/world/terrorists-security-breaches-france/


Terrorist attacks in France show that there have been serious breaches in their intelligence, surveillance and security systems. These attacks on their systems have led to the horrible events that are going on in Paris and France. This is bringing serious concerns to the people about the future for France. In the three attacks that have happened there have been 17 people who have been murdered. The main concern that they are working on is to either increase the surveillance and security or to revamp the whole system. Police in the last week have been told that sleeper cells have been activated and will need to keep their weapons on them at all times.