I went to a panel entitled Overdue Update or Big Brother? Lawful Access and Cyber Surveillance at U of T’s Faculty of Law yesterday. It was moderated by Graeme Norton, director of the Canadian Civil Liberties Association’s Public Safety Project. The panel included David Murakami-Wood, a member of the New Transparency project (and the only non-lawyer), Lisa Austin from the Faculty of Law and Robert Hubbard, counsel with the Crown Law Office – Criminal of the Ministry of the Attorney General of Ontario.

The idea behind the panel was to explore the implications of two bills, C-46 and C-47 for the preservation of Canadians’ privacy, and of their potential for broad infringement of our rights and liberties. The bills are ostensibly aimed at “modernizing” current the “lawful access” regime, which enables the state to access electronic communications data. While investigative powers are claimed to be central to the “rapidly evolving methods of crime”, there is the everpresent threat of abuse. As one audience member put it, you can’t rely on the “good men and women” of the state or its appointees. The law has to protect all interests, and seek a balance where these compete.

Norton gave an overview of “lawful access legislation” and its “modernization,” which has been on the state’s agenda since 2002. This has been the subject of some consultation (it was unclear how much or how broad) around updating the legal regime that deals with accessing the telecommunications of Canadians. The claim is that current rules are frustrating police investigations; proponents of Bills C-46 and C47 say proposed changes are mere “modernization” to keep pace with changes in technology. I am always suspicious of this disclaimer: it’s only technology, stupid. Where technology is used as an excuse for greater social control, I think we need to be extremely sceptical.

Opponents see the proposed legislation as an advance toward privacy invasion. At the least, the title of Bill C-46, Investigative Powers for the 21^st Century, suggests an overbroad jurisdiction. C-46 would require telcos to preserve and provide customer information on a standard of reasonable suspicion. This data could be obtained under two different types of judicial orders: a warrant (when the data is acquired in real-time), or a production order for historical data. Transmission data is who sent an email to whom and tracking data is the location of a specific technology at a particular time. Finally, C-46 it would give a new authority to activate tracking devices in customers’ technologies, such as cell phones.

According to the Department of Justice: “The amendments would create a preservation order that would require a telecommunication service provider (TSP) to safeguard and not delete its data related to a specific communication or a subscriber when police believe the data will assist in an investigation. A preservation order is a “quick-freeze”, temporary order, and would only be in effect for as long as it takes law enforcement to return with a search warrant or production order to obtain the data.”

A tracking order would “allow police to remotely activate existing tracking devices that are found in certain types of technologies (such as cell phones and tracking devices in some cars) and would also continue to permit the police to install a separate device that would allow for tracking. A new provision would also be added to allow peace and public officers to obtain the tracking information through a production order.”

The Canadian Internet Policy and Public Interest Clinic (CIPPIC) is concerned that the standard required for the production, preservation and tracking orders “will not meet the typical ‘reasonable and probable grounds’ level.  Even though the production order would not allow access to the content of private communications, dates, times, and header information on e-mail messages has the potential create a detailed picture of an individual’s social network, online activities, and personal interests.  The generation of such profiles ought only be allowed in the case where there are reasonable and probable grounds that the individual has committed a crime, and should therefore be granted by judicial authorization to that standard.”

Bill C-47, titled Technical Assistance for Law Enforcement in the 21st Century Act, “will not provide law enforcement or CSIS with any new interception powers, nor will it change or expand existing interception authorities in any way. Rather, it will address the challenges posed by modern technologies that did not exist when the legal framework for interception was designed nearly 40 years ago. Police forces and CSIS will continue to require warrants for interception,” according to Public Safety Canada. 

Bill C-47 has two components: Intercept and Subscriber Information. The Intercept component requires companies to upgrade their infrastructure to ensure they have capacity to monitor, capture, preserve information. The Subscriber Information component requires telcos to provide—without a court order—basic identifiers such as name, address, telephone number and Internet Protocol (IP) address, e-mail address, service provider identification and certain cell phone identifiers to police forces and CSIS in a “timely fashion.” Law enforcement would have to be authorized, the request would have to be made in writing, and it is all subject to internal audits and discretionary audits by the Privacy Commissioner.

Jennifer Stoddart, Canada’s Privacy Commissioner, has already weighed in with her concerns, noting that “Canada has a legal regime governing the use of surveillance that protects individual rights while also giving authorities access to communications when authorized. This framework has been carefully refined over decades by Parliament and the courts. To date, the federal government has presented no compelling evidence that new powers are needed.”

She further states that right balance between individual privacy and the legitimate needs of the authorities might be struck by “obliging the government to demonstrate that the expanded surveillance powers they contain are essential and that each of the new investigative powers is justified,” and “exploring the alternative that, should these powers be granted, they be limited to dealing with specific, serious crimes and life-threatening emergencies.”

David Murakami-Wood, Canada Research Chair and associate professor of Surveillance Studies at Queen’s University, took a broad perspective, and focused on the ethical and social implications of this new legislation. He also linked Canada’s efforts at the “modernization” of its lawful access regime to an international trend to expand the definition of lawful access as well as the definition of data—who owns it and who controls its flow? He argued that decisions made in Canada on such matters will have a ripple affect as other nations struggle to tame the wilds of cyberspace.

Robert Hubbard saw nothing particularly troubling with the proposed legislation. “Generally generally speaking [it is] no different than any other criminal legislation that involves a breach of expectation of privacy. The protection there by requiring judge to sign on to it. It is a species of warrant.” Hubbard said that in the criminal law context, it is “very consistent with laws there now that involve breach of privacy. Canada is about 10 to15 years behind in intrusion into privacy.”

The audience did not care much for Hubbard’s cavalier disregard for the potential threat this privacy invasion poses for democratic society and he took most of the heat during the Q & A. He was non-plussed, however, and repeated his central point, which was that the new powers would still require authorization by a judge, which he felt was a sufficient check.

Lisa Austin, who also works with U of T’s Privacy Project gave the lie to the assumption that a lawful access regime was mainly about balancing privacy against other interests, such as those of law enforcement. “We’re talking about a Charter right – not just an interest.”

Austin explained that certain criteria must be met for justifying the exercise of police authority—criteria that are constrained by notions of rule of law and accountability. She pointed out that the Privacy Commissioner has identified a lack of justification for privacy intrusion outlined in C-46 and C-47. “No systematic case has been made for need to circumvent current regime,” she noted, wondering further exactly how current provisions failed to meet the investigative needs of law enforcement.

Austin was concerned about what she called an infrastructure of surveillance being built into the communication systems, especially the internet. With this legislation, she said, “there is nothing you can do on the net that the police can’t identify.” Emerging case law, she added, seems to support warrantless access to people’s information: “there is no reasonable expectation of privacy.”

It took me almost five and a half years, from the first class to my final defense, but here it is: my dissertation. Maybe one day I’ll write about the emotional and personal cost of a PhD but for now, I’ll try to revel in the relief of completion. Comments, as always, welcome! And of course, it is copyleft. So share and share alike (but give credit where credit’s due!).

BTW did I mention I’m a doctor?

What's in your wallet? (photo by Smith)

I attended the opening for Sorting Daemons: Art, Surveillance and Social Control, which is being held in conjunction with the Surveillance Camera workshop I’m attending.

Information-gathering systems increasingly affect our lives, tracking our movement and consumer preferences. Such “sorting daemons” reinforce existing streams of influence and quietly create new ones. The artists in this exhibition take measure of our relationship to surveillance by addressing its social, political and aesthetic dimensions.

The photo above is a visual commentary on personal identity. The artist (David Kemp) asked 100 people to show him the contents of their wallets. Each “data set” was displayed on it’s own “canvas”, with some cards blacked out at the discretion of their owner.

Photographer David Kemp’s Data Collection project…probes attitudes towards the circulation of personal information in a stunning array of identity card “portraits.”

The multi-media exhibition features work by Brenda Goldstein, Antonia Hirsch, David Kemp, Tran T. Kim-Trang, Germaine Koh and Ian Verchere, Arnold Koroshegyi, Ruthann Lee, Michael Lewis, Jill Magid, Walid Ra’ad; Kathleen Ritter, David Rokeby, Tom Sherman, Cheryl Sourkes and John Watt. It runs at the Agnes Etherington Arts Centre at Queen’s University till April 18.

Placa de George Orwell - irony intended?

It’s been awhile since I’ve traveled by train, but yesterday I boarded old faithful VIA bound for Kingston for the SCAN workshop on camera surveillance in Canada. The workshop is part of the New Transparency project (and my new job). I’d forgotten how lovely the train is!

Clive Norris opened the workshop a public lecture on the global growth of CCTV. His work largely examines empirical research done on the efficacy of CCTV  in preventing and deterring crime, and in catching criminals. In brief, his findings are that there is a mismatch between social scientific evidence of CCTVs success and its global success as a crime prevention and reduction technology.

Technically CCTV is little more than some plastic, a lens, a few wires – a camera, a monitor and a video recorder. But early, rudimentary systems became more complex with the addition of cameras and complications began to emerge. Do you add more video recorders? How do you to manage all the data generated in a multi-camera system. What are the human (and therefore financial) resources required to support this? And what about the disconnect between observing crimes-in-progress, and deploying law enforcement?

These are all pressing questions that portray CCTV as a sociotechnical ensemble. Norris cautioned that CCTV should not be fetishized as a technology but remain firmly in its sociological, criminological and organizational context. Indeed, Norris traced the fast rise and proliferation of CCTV in England to an emotionally charged social moment: The abduction and brutal murder of James Bulger. The infamous footage of the toddler being led away by the 10-year-old boys who would soon beat him to death served as an implicit justification for the use of CCTV and as well as a warrant for its further implementation. As Norris pointed out, CCTV didn’t save Bulger, nor did the footage necessarily have an impact at trial, but it certainly fueled public outcry and moral panic, at a time of rising crime and general public anxiety. This thrust CCTV in the spotlight, presenting an opportunity which was seized upon by the UK government. Indeed, more intrusive surveillance technologies tend to be introduced after particularly traumatic events (such as 9/11), in times of high public anxiety.

Supported largely by public funding, CCTV quickly spread in England, with London fast emerging as the most surveilled city in the world. Europe, where privacy and data protection were more of a concern, followed more slowly. By the 2000s, however, CCTV began to diffuse across Europe. Today there is a massive deployment of CCTV within public infrastructure – railways, airports, subways, as well as in city centre streets.

Worldwide expansion  has made CCTV a lucrative industry, worth tens of billions of dollars, largely funded with public money. Yet the evidence of CCTV’s efficacy in preventing or deterring crime has largely been ignored. In any case, there is a dearth of evaluation, no requirement for evaluation to qualify for funding (post-9/11). Further, evaluation of CCTV by governments is not seemingly part of the policy agenda, but is rather conducted on a post-hoc basis and then ignored.

As far as its efficacy in crime deterrence, little is known. But Norris said much can be gleaned from the criminological literature. “When you’re pissed, you don’t give a toss about the camera. If you’re mad or high on cocaine, you won’t care if there’s a camera. And you’ve got to know it’s there for it to deter you.” There is also an assumption that police are willing and able to intervene in a crime-in-progress, he noted. “Police are not interested in attending low level disturbances revealed by CCTV.”

The evidence, said Norris, bears witness to a variety of outcomes. In some cases, there was actually an increase in crime, and a reduction in crime detection. Effectiveness was difficult to assess, and a number of technical (broken cameras, cameras not recording) and circumstantial (trees obstructing cameras) factors had an impact. The evidence shows that CCTV has no statistically significant impact on the crime rate.

With the evidence pointing to the relative ineffectualness of CCTV, why has it been so readily accepted? Norris puts it down to “the seduction of vision.” Seeing is believing. A picture is worth a thousand words. This simplistic interpretation, of course, has been reinforced by the media, which accentuates the few successful uses of CCTV in crime fighting. But this narrow frame does not include the millions of images that were never processed or those that were missed. It’s a highly selective narrative of CCTV, one that highlights its role in identifying culprits and bringing them to justice.

The “common sense” understanding of CCTV is as a benign or neutral technology that would be self-evidently desirable. From an evidentiary perspective, CCTV seems to supplant unreliable eyewitness testimony, providing a concrete account of events, because “the camera doesn’t lie.” This perspective is problematic, however, because it assumes the camera is the perfect witness – always watching, always recording and immediately able to give testimony, which it is not necessarily.

Norris concluded with a point of clarification: CCTV is primarily an instrument of policy, not crime prevention and reduction. It relies on public fear and a misunderstanding of what the technology can actually accomplish given its sociotechnical context. Indeed, Smith calls CCTV “a form of ’skotison’ – intentionally obscure speech or writing designed to confuse an audience rather than clarify an issue. Hence “CCTV” (now in quotes) does not “help us understand or appreciate the role of surveillance cameras – what they *really* are – in our society.”

For more on the Surveillance Camera workshop, see Smith’s blog.

Image from mindfully.org (with thanks).

I’m in session at the Surveillance Games Workshop, part of the New Transparency: Surveillance & Social Project (my new employer), at Simon Fraser University in rainy Vancouver. Lots of good sessions so far about citizen spying and state surveillance around mega-events, such as the Olympics. Neat bunch of folks, lots of talk about democratic interventions into society (aka activism), which is heartening. You can follow the live tweets coming fast and furious (smith is being particularly diligent), under the Twitter hashtag #sgw. Blogging is mildly passé…

Remember Channel Zero? An oldie but goodie:

Confessions of a Surveillance Society

The open source method used for evil.

CIA invests in software to monitor social media… Bloggers beware!

The Electronic Frontier Foundation reported on a bogus “secret” subpoena issued by the FBI to Indymedia. The subpoena requested the following: “All IP traffic to and from www.indymedia.us” for a particular date, including “IP addresses, times, and any other identifying information.” Writes the EFF senior staff attorney:

“the government was asking for the IP address of every one of indymedia.us’s thousands of visitors on that date — the IP address of every person who read any news story on the entire site. Not only did this request threaten every indymedia.us visitor’s First Amendment right to read the news anonymously (particularly considering that the government could easily obtain the name and address associated with each IP address via subpoenas to the ISPs that control those IP blocks), it plainly violated the [Stored Communications Act]’s restrictions on what types of data the government could obtain using a subpoena. The subpoena was also patently overbroad, a clear fishing expedition: there’s no way that the identity of every Indymedia reader of every Indymedia story was relevant to the crime being investigated by the grand jury in Indiana, whatever that crime may be.”

Now Geek Feminism interviews the female sysadmin who blew the whistle… check it here.

Some rad folks have been organizing, lobbying and generally raising a ruckus around the corporate-sponsored push to close down the internet, commodify internet travel (using surveillance and discriminatory practices) and generally mess with net neutrality. The work is largely volunteer-driven, natch, and donation-funded. That’s why the SaveOurNet cats are hosting a fundraiser – a film screening and dance party at the ever-cool Gallery Gachet in Gastown on Saturday June 20. It’s also the after-party for ChangeCampVancouver, an unconference to reimagine government and citizenship in the age of participation. There are some wicked DJs, including Quest Poetics, Mello Black, Mario Vaira and DJ Hayze, among others. There will also be a screening of RiP: A Remix Manifesto, from Web activist, filmmaker and Vancouver native Brett Gaylor, starting at 6pm. Ima be there… and if you wanna getcher groove on, you can reserve your ticket here.

I am a supporter and user of free software (though I admit I have not migrated entirely). I research and write about the social movement aspect of free software, and its potential as a model for alternative social organization beyond the realm of software development. I am inspired by the future envisioned by free software and take heart from its existence here and now.

All these things are true. Yet a faithful reader emailed me the other day to point out the inconsistency between my theoretical stance on free software, and my use of proprietary software. In my last post, I uploaded my conference presentation, Talking to Tech Activists: Another (Cyber)World is Possible, as a Word document, and the slides as PDF. I am well aware of this inconsistency – contradiction, really. In fact, I originally uploaded the presentation as an Open Office document. But then I recalled all the emails I get from folks who can’t open my OOo docs, and how I am constantly converting and resending these docs as proprietary files. It occurred to me that my readers – who knows how many – might not be able to open these files. I thought of those not savvy enough, or concerned enough to take the time to download Open Office (it’s free!) just to read something on my blog. So I weighed it in my mind: remain consistent and “true” to my work and beliefs; or, in the interest of broadly promoting free software and the various ideas contained in my work, upload the files in a format more likely to be more accessible to all.

I think I made a mistake.

It’s not the first time a free software advocate/user has pointed this inconsistency out to me. After my talk to the Vancouver Linux Users Group, I received another email, rather caustic, calling me on the carpet for presenting on free software using proprietary software. It was after that I switched to Open Office. Now I have the latest version of Ubuntu, ready to be installed (I just need to clear a day for technical maintenance and make the switch). It’s fair to say I have come a long way.

I have always liked and embraced Marx’s idea of praxis: the notion that theory without action is useless and action without theory even more ridiculous, and ultimately unsustainable. From the beginning of my academic career, I have criticized the academy for being out of touch with reality, for navel gazing and other forms of theoretical narcissism. I intended to be an activist, starting from the inside and working out, connecting ideas to action for social change “on the ground.” Not an academic content to warehouse my ideas securely within the ivory tower, speaking jargon to a select chosen few.

As I have traversed the long and twisty path to become a professor, I have tried to do this, to walk the walk, to be an authentic activist-scholar. And I thank my fellow activists, readers and practitioners for helping me in this. That is truly the wiki way. I cannot do my work without your help.

I told my faithful reader that I would write this post, putting up my presentation and slides as free software documents. And that I would encourage all my readers to download Open Office and give it a whirl. It’s like when you switched over to Firefox. Just as easy. Just as cool. And then you’ll be one little bit less a part of the Microsoft Evil Empire… But that’s another post…

My free software presentation is here.

My free software slides are here.

J’espère que vous appréciez et je fais bon accueil à vos commentaires!