We are developing the social individualist meta-context for the future. From the very serious to the extremely frivolous... lets see what is on the mind of the Samizdata people.

Samizdata, derived from Samizdat /n. - a system of clandestine publication of banned literature in the USSR [Russ.,= self-publishing house]

House of Fraser to Attach RFID Tags to Clothes

Logistics company Excel has announced an RFID trial with the UK retailer House of Fraser. RFID tags will be “attached directly to garments providing the scope to track shipment movements at item level”.

No comment is made as to whether the tags will be disabled and/or removed at point of sale.

Press release available here.

Cross-posted from the shiny new RFID Scanner

Overprotected data?

Here is an interesting piece about the impact of the Data Protection Act on the world of higher education. As so often, the attempt to suppress badness results in the suppression of, if not goodness, then at least the entirely reasonable.

Intrusive Application Forms

Government invasion of privacy – for example via Identity Cards – is high profile. Arguably a greater danger is when society itself ceases to respect privacy and believes it OK to breach it as a matter of course.

I’ve recently learned via the Liberty discussion board and handbag.com about an organisation called Millenium AuPairs.

I must stress that as far as I know this organisation is entirely reasonable and above board. Unfortunately their application form is not. See here:

Millenum AuPairs registration form

Now, the question about weight might be non-PC, but that’s not the issue. Scroll down and you see that they are asking prospective nannies if they have “ever been a victim of sexual, emotional or physical abuse?”. And “If you have answered yes to any of the above, please give details”. Details!

This is outrageous. Why ask? Are they assuming that victims of abuse are more likely to be abusers? I don’t know. What I do know is that this question is an invasion of privacy.

As chocalatedrop put it on handbag.com:

can you imagine someone asking if you’d ever been raped on an application form in as many words, because this is what is being asked.

OK, this probably doesn’t affect you today. But imagine if this sort of intrusive question becomes accepted practice on any application form…

Safeway: RFID will become “ubiquitous”

Silicon.com reports that the controversial radio frequency ID (RFID) tracking tags will become ubiquitous in consumer goods but privacy issues, standards and cost need to be addressed first, according to a senior executive of UK supermarket chain Safeway.

Safeway ran an RFID pilot with Unilever last year on 40,000 cases of Lynx deodorant tracking them from the factory through to the shelves of three stores and, in an exclusive interview with silicon.com, Safeway CIO Ric Francis said that while the company has no immediate plans to use RFID, the pilot did enough to convince him that the technology is absolutely key to the future of the retail sector.

We see that as a long-term investment. RFID is clearly going to be hugely important to the retail business. My biggest fear about RFID is that if we all try and do independent things we’ll end up with a range of standards that is not sustainable for the industry as a whole.

As and when it becomes cheap enough it will be important from the consumer point of view as well. That will start, I think, with higher value items and will come down and down throughout the sales portfolio. If these things end up being a penny a go, which I’m sure they will be at some point in time, then that will be a route to implement in a ubiquitous nature.

The hope is that once the standards are in place and the cost of the RFID chips drops, then the technology will become an unseen and accepted part of shopping.

Snooping industry set to grow

A kind reader provided a link to an article by the BBC warning that snooping powers given to more than 600 public bodies look set to create a small industry of private firms that will help process requests for information about who people call, the websites they visit and who they swap e-mail with. One firm, called Singlepoint, has been specifically created to act as a middleman between the bodies that want access to data and the net service providers and phone operators that hold it.

We saw an opportunity for a business or a facility that could provide secure processing for the data requests that will come out of this legislation.

Singlepoint spokesman explained that without Singlepoint it would be more difficult and costly for public authorities to request data as they would have to set up relationships with all of the UK’s communication service providers. Instead, Singlepoint was setting up a system that would automatically route requests for information to relevant net or phone firms.

The Home Office estimates that up to 500,000 requests per year are made for information about who pays for a particular phone or web account. About 90% of these requests are for subscriber information. Singlepoint estimates that there could be millions of requests per year. Most of these requests are made by the police but approximately 4% are made by the many public authorities that have had new powers granted under RIPA (Regulation of Investigatory Powers Act).

Other firms are starting to set themselves up as trainers for people within public bodies involved with investigations.

the Home Office was keen to get firms offering courses because the police did not have the resources to take on the training of these public body workers itself.

Bodies granted snooping powers include the Serious Fraud Office, all local authorities and councils plus other organisations such as the Charity Commission and the Centre for Environment, Fisheries and Aquaculture Science.

When proposals to grant these snooping powers were first aired in mid-2002 they were greeted with alarm by privacy advocates and civil liberty groups.

A campaign co-ordinated by the FaxYourMP website prompted the government to withdraw its proposals. However, following a consultation exercise the proposals were resurrected and the powers granted in a series of statutory instruments issued in November 2003.

Errant E-Mail Shames RFID Backer

Wired reports that the companies and organizations behind radio-frequency identification tags are scrambling to improve their image by promising to protect the privacy rights of consumers, after they were caught trying to dig up dirt about one of their most effective critics. They also announced development of devices that disable RFID tags, which they are placing on everything from shampoo bottles to suit jackets in the United States and Europe.

Privacy groups, led by Consumers Against Supermarket Privacy Invasion and Numbering (or CASPIAN), fear that businesses and governments can use those signals to track individuals’ movements inside stores and in public places. One organization may have been shamed into soliciting CASPIAN’s advice, however. The Grocery Manufacturers of America this week inadvertently sent an internal e-mail to CASPIAN suggesting it was looking for embarrassing information about the group’s founder, Katherine Albrecht.

The e-mail, written by a college intern at GMA, reads:

I don’t know what to tell this woman! ‘Well, actually we’re trying to see if you have a juicy past that we could use against you.’

Wal-Mart, which tested RFID tags and readers in at least two of its stores last year, said it would adhere to the RFID privacy guidelines published by EPCglobal, the EPC standards body. The guidelines require companies to publicly state how they plan to use data collected from the EPC tags. Wal-Mart spokeswoman Sarah Clark insists:

We understand and care about the concerns that some of our customers have about privacy and, as always, we put our customers’ needs first.

CASPIAN’s Albrecht said she welcomes tag-killing technologies, as well as the overtures by RFID users who want to work with her.

I just hope they’re looking for a real dialogue about the implications of this technology and not simply trying to appear concerned.

Privacy law promised in Ontario

The Toronto Star story is here.

Oh dear. It seems that they have a privacy “czar” in those parts. I don’t think of czarism as being especially good for the rights of the citizenry, do you? Be careful you don’t ever get accused of violating it, no matter how sensibly or blamelessly.

Arizona school installs facial scan system

USA Today reports that face-scanning technology designed to recognize registered sex offenders and missing children has been installed in a Phoenix school in a pilot project that some law enforcement and education officials hope to expand.
Two cameras, which are expected to be operational next week, will scan faces of people who enter the office at Royal Palm Middle School. They are linked to state and national databases of sex offenders, missing children and alleged abductors.

Maricopa County Sheriff Joe Arpaio, a tough-talking sheriff who has previously gained notoriety for his chain gangs and prison-issued pink underwear said:

If it works one time, locates one missing child or saves a child from a sexual attack, I feel it’s worth it.

Civil libertarians have raised red flags about the idea, pointing to potential privacy violations, and biometrics experts say facial recognition programs are not foolproof.

How Much Is Privacy Worth?

Wired has an article about the Supreme Court hearing on whether the federal government should reimburse individuals whose sensitive data was disclosed illegally, even if no harm can be proven.

At issue before the court, according to privacy advocates, is how valuable privacy really is. The Privacy Act of 1974 prohibits the government from disclosing private information intentionally, without the individual’s consent, and provides for a $1,000 minimum fine if the individual is “adversely affected.”

Marcia Hoffman, staff counsel at the Electronic Privacy Information Center, argues that Congress preset the penalty precisely because it is so hard to put a price on an abstract concept such as privacy or to prove damages in absence of others’ misuse of that data.

If your Social Security number is disclosed, there is a real potential harm from identity theft.

Lucy Dalglish, executive director of the Reporters Committee for Freedom of the Press, argues that if the government has to pay damages in the case of any improper release of someone’s Social Security number, then reporters will not get information from the government that they need and are entitled to.

In the spirit of releasing as much information to the public as possible, we think he should have to prove damages. If every time you release information about an individual, you are going to be threatened with this $1,000-per-record fine, you are going to have agencies so nervous that they are going to err on the side of not turning over something. Government guardians of information are going to be way overly cautious.

And we would not want the government agencies nervous, would we…?

Turning tradesmen into government agents

There’s a Reason online article here, and comments about it all on the Reason blog here, about this:

One night a few weeks ago, I was half-watching a black-and-white, early ’60s episode of The Andy Griffith Show on TV LAND (Episode 60, “The Bookie Barber”), when, all of a sudden, the homespun wisdom of Griffith as Sheriff Andy Taylor touched on today’s heated debate over how to balance individual privacy with security. Andy responded to a suggestion by his deputy Barney Fife by saying: “You can’t ask a private citizen to become a police spy. It’s too dangerous. Something could go wrong.” The statement jolted me, and I thought, if only Sheriff Taylor had been there to offer this profound piece of advice to the Republicans and Democrats writing the USA PATRIOT Act.

Title III of the act, which contains provisions to counter money-laundering, requires a host of private businesses to become “police spies” on their customers. These little-known provisions of the much-talked about law draft a substantial number of private-sector employees as citizen soldiers in the war on terrorism as well as on the broadly-defined crime of “money laundering.”

Says commenter James Merrit:

A free people, empowering a government that acts consistent with the ideals of freedom, will have the minimum to fear from terrorists. It won’t be a perfect world, or a world without danger, but it will be the best we can hope for. We need to reject the fear-based policies and concentrate on freedom-based ones, starting as soon as possible. Do not empower the fascists; do not empower the socialists. We’ve seen where their roads lead. Empower those who uphold the principles of freedom in word and deed. Making a good start really is as simple as that.

We have similar money laundering stuff here in Britain as well, as David Carr explains.

And turning traders into government stooges has also been here a long time. If you buy a TV, the shop you buy it from has long wanted to know who you are so that it can tell the government and the government can check that you’ve got a TV license. If you refuse to say who you are, you are liable to end up not buying the TV, as Michael Yardley explains in the latest Spectator:

They changed tack. ‘You’ve got to give us your name and address or you can’t have the television.’ ‘But I’ve paid for it.’ ‘You can’t have it.’ At this point, perhaps I should have walked out of the shop with the television and risked prosecution for some unspecified offence in Kafkaesque Britain. I went for the less dramatic option. ‘Well, I’ll have my money back.’ The first response from the shop staff was that this was impossible. They backed down when I pressed the point. I was directed to ‘customer services’. A credit was made to my card. I left without a television. What a palaver.

Driving home, I thought back to the last time I had bought a television, ten years or more ago. I had a dim memory of being asked for my name and address ‘for the guarantee’. It wasn’t for that purpose, I now knew. It was a ploy to get the information for the faceless ones. …

Not so funny junk mail

Googling “privacy” took me to this piece about the problem of junk mail sent to dead people.

After this scribe found black humor last year at the ceaseless stream of direct mail advertising directed at my recently deceased partner, an admonition arrived from a reader who lost her husband in 1999.

“Write about this again in a year,” she said. “The junk will just keep arriving, and by then you may have stopped laughing.”

Yes it really isn’t that funny, especially as the failure to find good ways to stop junk mail (and junk email) will mean bad ways, i.e. ways that don’t stop the junk, but stop other things which are good, like, I don’t know, freedom of communication.

Congress Puts Brakes on CAPPS II

Wired reports that Congress delayed the planned takeoff of a controversial new airline passenger-profiling system until an independent study of its privacy implications and effectiveness at stopping terrorism can be completed.

A congressional conference committee, which was reconciling the Senate and House versions of the Department of Homeland Security’s budget for next year, opted to keep the Senate’s stronger language that prohibits deployment of the Transportation Security Administration’s CAPPS II program until the General Accounting Office certifies to Congress that the system will not finger too many innocent passengers.

The study will also check whether the system will effectively pinpoint terrorists, and whether an appeals system is in place for those delayed or prohibited from flying. CAPPS II is intended as a high-tech replacement for the current system, which simply checks passenger names against a list of suspected terrorists.

The new system will require passengers to provide airlines with additional information, which the agency will check against commercial databases and a watch list of suspected terrorists and people wanted for violent crimes. The system will then color-code each passenger, according to decisions made by the system’s pattern-matching algorithms.

An ideologically diverse coalition of civil-liberty advocates oppose the project, saying the system would be Big Brotheresque and ineffective.

This is far from won but at least it is a step in the right direction. Most likely the GAO study will be done, the boxes ticked and the next terrorist attack will result in yet another series of knee-jerk reactions from governments. But I would like to be proven wrong.