We are developing the social individualist meta-context for the future. From the very serious to the extremely frivolous... let's see what is on the mind of the Samizdata people.

Samizdata, derived from Samizdat /n. - a system of clandestine publication of banned literature in the USSR [Russ.,= self-publishing house]

If at first you don’t succeed….

The Australian government has long desired to force ISPs and Internet Content Hosts to take responsibility for the activities of their clients. An attempt to do this in 1999 was defeated, but the authorities are back for more.

The draft bill states that ISPs are required to determine whether their services are used for “illegal conduct or speech.”

Paragraph 152 of the Explanatory Notes to the draft bill says that “Possible action that could be taken by ISPs and Internet Content Hosts (ICHs) so as not to facilitate use of a carriage service by another person that breaches proposed subsection 474.16(1) includes an ISP ceasing to provide Internet services to that person or an ICH ceasing to host a particular Website containing content that breaches the proposed offence.”

Obviously, the implication is clear: should this measure get up, ISPs will be legally required to be much more aggressive in their surveillance of their customers; a gross breach of their privacy.

(Via Whirlpool.net.au)

Speed camera island

Via b3ta.com, I came across a nice piece of White Rose Relevant graphics, here.

Since I don’t know what the policy is here about pictures, and in any case do not have picture posting privileges, but since b3ta.com is such a Niagara of pictorial diversions, here today and gone tomorrow, I nailed down the relevant image here, amidst appropriately educational commentary.

“Money grabbing gits!” is what b3ta said. Would that our money was the only thing in danger here.

False records

From the BBC last Friday:

Nearly 200 people have been wrongly accused by the Criminal Records Bureau of having criminal records.

The names of 193 people were mistakenly linked with convictions held on the police national computer (PNC), BBC Radio Five Live has learned.

In some cases the names of those being vetted by the bureau were similar or identical to those of actual criminals.
In others, the criminals had given someone else’s personal details to the authorities to avoid a police record.

The Criminal Records Bureau, which came into operation in March 2002, does background checks on those who work with children or vulnerable people.

They made this number of mistakes (that they already know of) in the criminal record list, which is only a minority of the population. How many would they make if the list contained, or was supposed to contain, everybody?

What is scary about this kind of thing is when the information-that-isn’t starts to really get around, into several different databases at once. At that point it becomes extremely hard to eradicate. Something like a false reading on sexual perversion (which is what these background checks for working with children and vulnerable people are all about) is liable to spring to life again after previously having been eradicated, supposedly. After all, you can’t be too careful, can you?

Senators Question TSA Denials

Wired has a follow-up report on the controversy surrounding the airline companies’ hand-over of passenger data to government contractors (TSA) designing and testing CAPPS II in 2002.

Two senators on Wednesday asked the Transportation Security Administration whether the agency violated federal rules by helping its contractors acquire passenger data, and why the agency told government investigators it didn’t have such data.

The senators also pressed the TSA for an explanation of why it hadn’t revealed the transfer of millions of passenger records to government contractors. Senate members had asked TSA officials directly whether they had done so, but the answer was no.

Two TSA agency spokesmen also denied to Wired News that any data transfer had taken place, saying that the project did not need data at the time.

But this week, American Airlines became the third airline to reveal that it turned over millions of passenger records to the government without informing the passengers. JetBlue and Northwest Airlines had earlier revealed that they too had transferred passenger records to government contractors. For the past eight months, TSA officials and spokesmen have repeatedly denied that any data transfer occurred. Two senators, Susan Collins (R-Maine) and Joe Lieberman (D-Connecticut) wrote:

We are concerned by potential Privacy Act and other implications of this reported incident. Moreover, TSA told the press, the General Accounting Office and Congress that it had not used any real-world data to test CAPPS II.

American Airlines has now indicated that it provided over 1 million passenger itineraries at TSA’s request, which raises the question of why agency officials told GAO that it did not have access to such data.

And there was much fudging, as you can read in the article.

RFID Pressed Into Service For Roadway Safety

The U.S. Department of Transportation’s Federal Highway Administration is working with four companies to develop new radio-frequency identification technology for roadways. Officials see RFID as a way to warn drivers of, for instance, impending intersection collisions and vehicle rollovers.

Specifically, the government and vendors are investigating technology called dedicated short-range communications, which is related to RFID. The vendors are Mark IV Industries, Raytheon, Sirit, and TransCore.

A prototype system co-developed by the quartet is expected to be ready for testing in about 18 months. The Federal Communications Commission has assigned a block of high-bandwidth radio spectrum for dedicated-communications products: 5.850 to 5.925 GHz.

Getting under my skin

The news just goes from bad to worse on the RFID front. Trevor Mendham quoted Tesco CEO Sir Terry Leahy as saying that RFID tracks products, not people, but American tech company Applied Digital Solutions, through its subsidiary VeriChip Corporation, has already broken through that barrier.

They have developed an RFID product that is implanted in the victim.

The VeriChip miniaturized Radio Frequency Identification (RFID) Device is the core of all VeriChip applications. About the size of a grain of rice, each VeriChip contains a unique verification number, which can be used to access a subscriber-supplied database providing personal related information. And unlike conventional forms of identification, VeriChip cannot be lost, stolen, misplaced or counterfeited.

Once implanted just under the skin, via a quick, painless outpatient procedure (much like getting a shot), the VeriChip can be scanned when necessary with a proprietary VeriChip scanner. A small amount of Radio Frequency Energy passes from the scanner energizing the dormant VeriChip, which then emits a radio frequency signal transmitting the individual’s unique verification (VeriChipID) number. The VeriChip Subscriber Number then provides instant access to the Global VeriChip Subscriber (GVS) Registry – through secure, password protected web access to subscriber-supplied information. This data is maintained by state-of-the-art GVS Registry Operations Centers located in Riverside, California and Owings, Maryland.

It’s a password-protected website; anyone with knowledge of the internet knows that password-protected websites are not that secure, and anyone who says that they can guarantee the security of such a webserver is whistling in the wind.

It’s rather like that dreadful George Lucas film, The Phantom Menace, where the slaves are fitted with a tracking device. VeriChip Corp. doesn’t have slaves in their sights as a target market; they have a wider target market in mind.

VeriChip products are being actively developed for a variety of security, defense, homeland security and secure-access applications, such as authorized access control to government and private sector facilities, research laboratories, and sensitive transportation resources, including the area of airport security.

In these markets, VeriChip is able to function as standalone personal verification technology or it is able to operate in conjunction with other security devices such as ID badges and advanced biometrics.

In the financial arena, VeriChip has enormous potential as a personal verification technology that could help curb identity theft and prevent fraudulent access to banking and credit card accounts.

In other words, they are after a world where everyone is fitted with these devices. Does Big Blunkett own shares in this company? At the moment, they are working with gun manufacturers. Who will be next?

Bruce Schneier on why ID cards will not make us safer

This editorial by electronic security expert Bruce Schneier that was published in the Minneapolis Star Tribune does a pretty good job of demolishing the case against compulsory ID cards. The case is a pretty familiar one to readers of this site, but the main points are there: it’s not about the card itself, it is about the people who use it and check for it. And the question really is does the card help or hinder them in improving security, and does it help or hinder them if they wish to break the rules themselves, and in any event, knowing someone’s identity doesn’t generally greatly help in knowing their intentions.

In fact, everything I’ve learned about security over the last 20 years tells me that once it is put in place, a national ID card program will actually make us less secure.

My argument may not be obvious, but it’s not hard to follow, either. It centers around the notion that security must be evaluated not based on how it works, but on how it fails.

It doesn’t really matter how well an ID card works when used by the hundreds of millions of honest people that would carry it. What matters is how the system might fail when used by someone intent on subverting that system: how it fails naturally, how it can be made to fail, and how failures might be exploited.

The first problem is the card itself. No matter how unforgeable we make it, it will be forged. And even worse, people will get legitimate cards in fraudulent names.

Two of the 9/11 terrorists had valid Virginia driver’s licenses in fake names. And even if we could guarantee that everyone who issued national ID cards couldn’t be bribed, initial cardholder identity would be determined by other identity documents … all of which would be easier to forge.

Not that there would ever be such thing as a single ID card. Currently about 20 percent of all identity documents are lost per year. An entirely separate security system would have to be developed for people who lost their card, a system that itself is capable of abuse.

Additionally, any ID system involves people… people who regularly make mistakes. We all have stories of bartenders falling for obviously fake IDs, or sloppy ID checks at airports and government buildings. It’s not simply a matter of training; checking IDs is a mind-numbingly boring task, one that is guaranteed to have failures. Biometrics such as thumbprints show some promise here, but bring with them their own set of exploitable failure modes.

But the main problem with any ID system is that it requires the existence of a database. In this case it would have to be an immense database of private and sensitive information on every American — one widely and instantaneously accessible from airline check-in stations, police cars, schools, and so on.

The security risks are enormous.


Affairs of the Heart and Phone

Plenty of people around the world by now know of the allegations of philandering made against the English footballer David Beckham, based on claims made to the media, and also on transcripts of SMS phone messages that are said to have been sent between Beckham and one Rebecca Loos.

The ins and outs of the affair are none of our concern, but what did concern me was this explanatory article in The Advertiser:

He apparently even has offered to produce his mobile phone records to prove his innocence. It may surprise some mobile phone users that some carriers retain details of text messages.

In Australia, Telstra keeps SMS messages for up to 28 days and Optus keeps theirs for three days.

I have three questions here. First, why are telephone companies keeping records of these things at all, and second, why is there such a large difference between Telstra, the dominant company that is still half owned by the government, and Optus (which is now owned by Singtel, the phone arm of the Singaporean government)? And thirdly, why are these messages apparently so insecure?

How secure is your data?

One of the problems with governments collecting and controlling data on individuals is their failure to secure this information. As a recent article in The Register demonstrated, the number of incidents involving computer systems in the civil service is high.

There are a number of serious concerns including inappropriate access of personal records, inappropriate alteration of personal records and their appropriation by a third party. This has been a problem for some time with Inland Revenue staff noted for “celebrity browsing” tax returns. These concerns are hidden within general figures for computer misuse that number up to two thousand. As these are the cases where such changes were noted and disciplinary action brought against the civil servant involved, it is impossible to gauge the seriousness of this problem.

Even after the data has been collected by the civil service agency, it is difficult to ensure that the information is accurate, secure and used only for the purposes required. This could be a minor problem or the tip of the iceberg.

Biometric ID card bill on its way ‘in a month’

David Blunkett said (on April 7) that he was pushing on with plans for an ID card, with a draft bill to hit Parliament within months. The ID cards will contain biometrics and may be in the wallets of UK citizens by 2007 at the earliest. Blunkett told Radio Five Live that the introduction is necessary to give the government better control over immigration and prevent terrorists using multiple identities.

Blunkett, however, acknowledged that getting compulsory ID cards into law wouldn’t be an easy process. “It would be very surprising if there were not misgivings,” he said. A number of high-profile Cabinet colleagues have expressed objections to the scheme, including Home Secretary Jack Straw and Trade and Industry Minister Patricia Hewitt.

He also admitted there were practical issues to be overcome before the cards were made compulsory. Among them, that Parliament could only vote on the issue of making the cards compulsory when 80 per cent of UK citizens carried them anyway and that estimates of how much the introduction would cost the taxpayer differ wildly – from around £1bn to around £3bn.

While biometrics are high on the UK government’s love list, the rest of Europe is taking a step back from the idea.

The civil liberties wing of the European Parliament has delayed proposals for biometric passports until the tail end of this year, after elections to the parliament have taken place. MEP Ole Sørensen said:

The European Parliament is [currently] not in a position to endorse the proposals… We need proper democratic scrutiny of this far-reaching legislation, which in the worst case scenario could represent a step towards systematic registration of EU citizens’ personal data.

Identity cards last time round

I am currently re-reading Are We At War?, a collection of letters to the Times 1939-1945. (Pub. Times Books 1989.) Here are some extracts from letters on the subject of identity cards:

From a letter from Antony Wells:

Sir, -While obtaining, recently, a National Registration identity card for my small daughter, I remarked that it was pleasant to think all this bothersome business would soon no longer be necessary. I was blandly informed by the clerk that my expectation was quite wrong, since registration was to continue after the war. On looking at the card in my hand, I discovered it was valid until 1960.

In happy fact, identity cards were seen off as a result of a court case soon after the war. But the fact that the government saw fit to plan for them to expire so many years after issue shows how purported “emergency measures” have a way of becoming permanent. The letter was written in December 1944 and the war was quite clearly nearing its end; the government could not have seriously believed it would go on until 1960.

This second extract comes from a letter from (Baron) Quickswood:

…Such cards may seem only a small inconvenience, but they are seriously dangerous to liberty in two ways: -First, they facilitate all sorts of further regimentation of citizens, and that is, of course, why it is desired to retain them; secondly, they have a most mischievous moral effect in treating the individual as a numbered item in the aggregate that makes up the State. There lie before us two alternative conceptions of the State: it may be thought an organization useful to individuals and essentially their servant, or it may be thought a pagan demigod for whom the individual exists, whose service is his greatest glory and whose supremacy is without limit.

…We have to fear an Anglicized totalitarianism, humane and benevolent but essentially destructive of personal liberty and initiative; and there will be a strong coalition of philanthropists and bureaucrats eager to regulate their fellow-citizens. We must be jealous for our liberties, and to begin with must resist being numbered by convicts in order to facilitate our servitude.

I have nothing to add to that.

DNA Database By Stealth

Unpersons alerted us to the news that from today British police may, legally and against the will of any law-abiding subject, take DNA samples and fingerprints from any arrested person without that person having even been charged with committing a criminal act.

We can but echo the good Unpersons’ concerns:

The law now leaves British police officers free to help Blunkett establish one of the most ambitious and truly disturbing elements of the British police state that he has slowly but surely been working to create over the last few years. In a country where the state can take over half of your income, charge you expenses when it wrongly imprisons you – yet fail to defend you after it has crushed the right to self-defence, send parents to jail for not sending their children to state day-care centres schools, steal your property because ‘you couldn’t possibly have earned that much money without selling illegal drugs’ whilst slowly handing over control to a foreign power, attempt to dictate what you eat ‘for your own good’ and generally treat its citizens as its troublesome children one has to wonder to what extent we already live in a police state.

This has not been a good week.