We are developing the social individualist meta-context for the future. From the very serious to the extremely frivolous... lets see what is on the mind of the Samizdata people.

Samizdata, derived from Samizdat /n. - a system of clandestine publication of banned literature in the USSR [Russ.,= self-publishing house]

Attention, Shoppers: You Can Now Speed Straight Through Checkout Lines!

Josh McHugh in Wired has a feature on RFID chips in supermarkets. He describes his visit to the Future Store built by European retailer Metro to be the premier live testing ground for RFID tags.

Thanks to the coordinated efforts of the world’s biggest retailers and manufacturers, not to mention the persistence of former lipstick marketer Kevin Ashton, these little tags are about to infiltrate the world of commerce. Depending who you ask, RFID tags constitute:

  1. the best thing to happen to manufacturing since the cog.
  2. the biggest threat to personal privacy since the crowbar.
  3. the near-exact fulfillment of the Book of Revelation’s description of the mark of the beast.

There’s a compelling argument for each of these perspectives – including number three.

He explains why manufacturers and retailers alike are so eager to implement RFID technology. It is mostly about the supply chain margins.

Retailers are even keener to get their hands on the sort of information RFID tags promise to reveal. The way it works now, all the little kinks along the supply chain accumulate in the lap of retailers, which take delivery of products without knowing whether the shipments are correct until they’re unpacked. The average rate for shipping screwups is 1 in 20. That’s a big part of why margins in the retailing business are so thin – average net profit for supermarkets is 1 percent – and precisely the reason that Wal-Mart, Target, and Metro have given their top suppliers six to nine months to start slapping RFID tags onto crates and delivery pallets. Manufacturers want this technology, but retailers need it.

RFID will be good for the customer too. Shopping will be much easier and the information gathered about their shopping behaviour will result in a closer match between demand and supply.

There is more, especially on the argument opposing RFID that we have written about here already. It is worth reading the whole thing.

VoIP catches Big Brother out

Yesterday Michael Jennings introduced me to Skype, a sort of instant messaging program that is very good at voice communications. This is part of an ongoing trend which is seeing computer networks challenge the traditional telephone networks for business.

Because rather then pay a large sum of money to make an international phone call, I’m now able to speak with Michael in London from my Australian home, for free, and with a better sound quality then I was able to do before.

So as you can imagine, it is a time of fast change in the telephone business. This has implications wider then the share prices of telephone companies.

To encourage take up of VoIP, legislation has been introduced in the US Senate, by Senator John Sununu. The VoIP Regulatory Freedom Act of 2004 is designed to exempt this technology from most state and federal regulations.

Needless to say there’s been plenty of opposition to this. Much of the opposition comes from self-interested telephone companies, but the US Dept of Justice is not happy either.

The VoIP Regulatory Freedom Act of 2004, sponsored by Senator John Sununu, would exempt VoIP service from a wire-tapping regulation called the Communications Assistance for Law Enforcement Act, or CALEA, commonly used to listen in on traditional telephone calls, said Laura Parsky, deputy assistant attorney general for the DOJ’s criminal division.

“I am here to underscore how very important it is that this type of telephone service not become a haven for criminals, terrorists and spies,” Parsky told the Senate Commerce, Science and Transportation Committee Wednesday. “If any particular technology is singled out for special exemption from these requirements, that technology will quickly attract criminals and create a hole in law enforcement’s ability to protect the public and national security.”

You can read Laura Parsky’s complete testimony here

What this statement is all about is that the Dept of Justice has got quite accustomed to using the wiretap to track down undesirables and is most unhappy that this legislation might prevent them from doing so in the future.

This is part of a wider trend that I suspect we will see more of, with people taking the opportunity to try out new ways of communicating with each other, and regulatory agencies scrambling to keep up. In the United States, there are US Senators who seem, like Senator Sununu, who consider privacy issues and freedom from regulation important. I fear that when the EU catches up, as it surely will, that those issues will be the least of the concerns of the people who draft the regulations.

RFID-enabled license plates to identify UK vehicles

RFID news reports that the UK-based vehicle licence plate manufacturer, Hills Numberplates Ltd, has chosen long-range RFID tags and readers from Identec Solutions to be embedded in licence plates that will automatically and reliably identify vehicles in the UK.

The new e-Plates project uses active (battery powered) RFID tags embedded in the plates to identify vehicles in real time. The result is the ability to reliably identify any vehicle, anywhere, whether stationary or mobile, and – most importantly – in all weather conditions. (Previous visually-based licence plate identification techniques have been hampered by factors such as heavy rain, mist, fog, and even mud or dirt on the plates.)

The e-Plates project has been under development for the past three years at a cost of more than £1 million, and is currently under consideration by a number of administrations. It is hoped that e-Plate will be one of the systems trialled by the UK Government in its forthcoming study of micro-chipped licence plates.

Brought to my attention by Stephen Hodgson of Unpersons.net. Thanks.

Guilty until proved innocent

It is a long time since I have contributed anything to White Rose. And it is a long time since this article by journalist and novelist Alexandra Campbell appeared, in the Telegraph, on May 14th. Apologies on both counts, but better occasional contributions and late reports of White Rose relevant material than never, I hope you agree.

This article did not just appear in the Telegraph. It was also reproduced in full, in the “last word” slot, towards the end of the “all you need to know about everything that matters” magazine (i.e. lots of good bits from all the different British newspapers) The Week, of May 29th, Issue 462. That was where and (approximately) when I first read the piece.

Ms. Campbell, on the basis of vague CCTV “evidence”, was falsely accused of a crime, and it took a scarily long time for the system to stop persecuting her.

Concluding paragraphs:

“In theory,” said Mark, “it’s innocent until proved guilty. In practice, whoever makes the allegation first is believed.”

Now that we are all picked up on CCTVs up to 300 times a day, and can also easily be identified electronically through swipe cards (health clubs, the office, season tickets, etc), there is a real risk of someone linking you to a passing resemblance on a fuzzy CCTV image and making an allegation against you.

It had taken about eight months to get to this point of the inquiry and I was terrified of enduring months’ more worry before I was cleared, but the police followed up my brother’s statement quickly and dropped the charges. However, they told me that current policy is to leave fingerprints, pictures and allegations permanently on file.

Checking subsequently with the police press office, I find that “fingerprints may not be held for more than 42 days”, but I find it scary that nobody really seems to know. I suspect our civil rights are being chipped away all the time in the name of crime and terrorism prevention.

The whole thing, I discovered, was based on a breach of the Data Protection Act. Companies using CCTV are supposed to show images only to authorised people, such as the police. The supermarket involved should never have allowed the receptionist and the credit card victim to see footage on demand. The receptionist, himself in charge of CCTV, should have known this. He wasn’t even following his own company’s code of practice, which asks staff who are suspicious of members to take the matter to a manager first. But he has done nothing illegal.

And neither have I. But while I struggle to have my records deleted from police files, he has drifted on and cannot, so far, be contacted. Nobody knows if he made the allegation out of boredom, spite, or genuine, if misplaced, civic-mindedness. It’s Kafkaesque, said friends. It’s a joke, said others. But it wasn’t fiction and it wasn’t funny. I was actually very lucky.

I might not have been able to prove where I was. If I’d been a lawyer, police officer, accountant or worked in financial services, my career and livelihood would also have been on the line, and if I’d been a celebrity, the story would have been splashed all over the papers before it was disproved. If the allegation had been connected to terrorism, I would have been jailed immediately.

I used to think that if you didn’t break the law, you had nothing to fear from it. Now I know that if this can happen to me, it can happen to anyone.

Data Surveillance

Most Americans do not care about exposing themselves to massive data surveillance but they should, says George Washington University law professor and New Republic legal affairs editor Jeffrey Rosen in his new book, “The Naked Crowd.” Rosen discussed technology and the uneasy balance between security and privacy on April 20 at 2 p.m. on washingtonpost.com.

Jeffrey Rosen: The book is a response to a challenge by my friend and teacher Lawrence Lessig, who writes about cyberspace. We were on a panel about liberty and security after 9/11, and I denounced the British surveillance cameras, which I had just written about for the New York Times magazine, as a feel good technology that violated privacy without increasing security. Lessig politely but firmly called me a Luddite. These technologies will proliferate whether you like it or not, he said, and you should learn enough about them to be able to describe how they can be designed in ways that protect privacy rather than threatening it. I took Lessig’s challenge seriously, and spent a year learning about the technologies and describing the legal and architectural choices they pose. The rest of the book followed naturally, and it’s an attempt to think through the behavior of the relevant actors who will decide whether good or bad technologies are adopted — that is, the public, the executive, the courts, and the Congress.

The cameras are getting smaller

… and will soon be invisible. Anyone who bases their arguments about the dangers of camera surveillance on the primitiveness of current technology is, unlike the latest cameras, being very short sighted. Take a look, for example, at this:

It sounds like the speeder’s nightmare. A speed camera accurate up to 150mph which can be concealed in road studs as small as a cat’s eye indicator, and which can also – as you’re passing – cast a glance at your tyres to see if they’re a bit bald.

And at you, to see who you are and where you are, and what you’re up to. If not yet, then very soon.

Wake up: this camera exists, and it’s being trialled.

I’m awake already.

But the anti-camera lobby can rest easy for a while. The Department for Transport says that there is no way that these cameras, designed and made by a British company called Astucia, will ever be used for “enforcement” to level fines and penalty points. However, they will start being tested around the country later this year, as part of the wider efforts to encourage motorists to respect speed limits.

So, they will not (yet) do “enforcement”, not “for a while”. But they can already do “encourage”. Sounds like enforcement will be with us very soon.

If at first you don’t succeed….

The Australian government has long desired to force ISP’s and Internet content Hosts to take responsibility for the activities of their clients. An attempt to do this in 1999 was defeated, but the authorites are back for more.

The draft bill states that ISPs are required to determine whether their services are used for “illegal conduct or speech.”

Paragraph 152 of the Explanatory Notes to the draft bill says that “Possible action that could be taken by ISPs and Internet Content Hosts (ICHs) so as not to facilitate use of a carriage service by another person that breaches proposed subsection 474.16(1) includes an ISP ceasing to provide Internet services to that person or an ICH ceasing to host a particular Website containing content that breaches the proposed offence.”

Obviously, the implication is clear- should this measure get up, ISP’s will be legally required to be much more aggressive in their surveillance of their customers; a gross breach of their privacy.

(Via Whirlpool.net.au)

Speed camera island

Via b3ta.com, I came across a nice piece of White Rose Relevant graphics, here.

Since I don’t know what the policy is here about pictures, and in any case do not have picture posting privileges, but since b3ta.com is such a Niagara of pictorial diversions, here today and gone tomorrow, I nailed down the relevant image here, amidst appropriately educational commentary.

“Money grabbing gits!” is what b3ta said. Would that our money was the only thing in danger here.

Getting under my skin

The news just goes from bad to worse on the RFID front. Trevor Mendham quoted Tesco CEO Sir Terry Leahy as saying that RFID tracks products, not people, but American tech company Applied Digital Solutions, through it’s subsidiary Verichip Corporation, has already broken through that barrier.

They have developed a RFID product that is implanted in the victim.

The VeriChip minaturized Radio Freqency Identifcation (RFID) Device is the core of all VeriChip applications. About the size of a grain of rice, each VeriChip contains a unique verification number, which can be used to access a subscriber-supplied database providing personal related information. And unlike conventional forms of identification, VeriChip cannot be lost, stolen, misplaced or counterfeited.

Once implanted just under the skin, via a quick, painless outpatient procedure (much like getting a shot), the VeriChip can be scanned when necessary with a proprietary VeriChip scanner. A small amount of Radio Freqency Energy passes from the scanner energizing the dormant VeriChip, which then emits a radio frequency signal transmitting the individuals unique verification (VeriChipID) number. The VeriChip Subscriber Number then provides instant access to the Global VeriChip Subscriber (GVS) Registry – through secure, password protected web access to subscriber-supplied information. This data is maintained by state-of-the-art GVS Registry Operations Centers located in Riverside, California and Owings, Maryland.

It’s a password protected website- anyone with knowlege of the internet knows that password protected websites are not that secure; anyone that says that they can guarantee the security of such a webserver is whistling in the wind.

It’s rather like that dreadful George Lucas film, The Phantom Menace, where the slaves are fitted with a tracking device. Verichip Corp. doesn’t have slaves in their sights as a target market- they have a wider target market in mind.

VeriChip products are being actively developed for a variety of security, defense, homeland security and secure-access applications, such as authorized access control to government and private sector facilities, research
laboratories, and sensitive transportation resources, including the area of airport security.

In these markets, VeriChip is able to function as standalone
personal verification technology or it is able to operate in conjunction with other security devices such as ID badges and advanced biometrics.

In the financial arena, VeriChip has enormous potential as a personal verification technology that could help curb identity theft and prevent fraudulent access to banking and credit card accounts.

In other words, they are after a world where everyone is fitted with these devices. Does Big Blunkett own shares in this company? At the moment, they are working with gun manufacturers. Who will be next?

TSA eyes RFID boarding passes to track airline passengers

The Transportation Security Administration (TSA) is examining the use of RFID-tagged airline boarding passes that could allow passenger tracking within airports, a proposal some privacy advocates called a potentially “outrageous” violation of civil liberties.

Anthony “Buzz” Cerino, communications security technology lead at the TSA, said the agency believes the use of boarding passes with radio frequency identification (RFID) chips could speed up the movement of passengers who sign on to the agency’s “registered traveler” program. This would permit them to pass through a secure “special lane” during the boarding process.

Under the registered traveler program, frequent fliers would provide the TSA with detailed personal information that would be correlated by a background check. Privacy advocates said they believe the RFID boarding pass would then serve as an automatic link to the registered traveler database. Details about how the system might work haven’t been released by the TSA, and Cerino couldn’t be reached today for further comment.

Cerino didn’t say when or if the TSA would push for introduction of the RFID boarding passes or how such a project – likely to require a massive, networked infrastructure – would be funded.

The TSA has already started to work on deploying RFID boarding passes in Africa under the Federal Aviation Administration’s Safe Skies for Africa Initiative – the initiative identifies Angola, Cameroon, Cape Verde, the Ivory Coast, Kenya, Mali, Namibia, Tanzania and Zimbabwe as member countries.

Katherine Albrecht, founder and director of Consumers Against Supermarket Privacy Invasion and Numbering (CASPIAN), a privacy group that has fought the use of RFID tags by retailers and other organizations, called the idea a potentially “shocking and outrageous” violation of civil liberties.

Smart cameras to watch over London Tube

London Underground is set to roll out high-tech CCTV surveillance software that will automatically alert operators to suspicious behaviour, unattended packages and potential suicide attempts on the capital’s Tube system. The move comes as London remains on a high state of alert against a possible terrorist attack following the bombs in Madrid earlier this month.

LU has been trialling the technology at Liverpool Street station during the past two months and is now evaluating the results with a network-wide rollout tipped to follow across the Tube’s 6,000 CCTV cameras, which cover 95 per cent of stations.

The Intelligent Pedestrian Surveillance system from Ipsotek compares CCTV footage against pictures of the empty station and alerts operators to strange behaviour such as people loitering or bags that have been left on the platform.

Sergio Velastin, director of research and founder of Ipsotek, said that it cuts down on operator time and costs related to blanket monitoring of all CCTV screens by alerting staff only when there is a potential problem. Privacy groups are concerned about the increasing coverage of monitoring technology such as CCTV. Velastin dismissed privacy concerns over IPS and said the software monitors only behavioural patterns and not the individual.

We have tried very consciously to stay away from facial recognition issues. None of our system is capable of recognising an individual – just behaviour. Then the police can come in and say ‘we need to find out who that person is’. It is a balance between being free to do what we wish and being protected.

The RFID Privacy Scare Is Overblown

Computerworld has an opinion article by Jay Cline about the privacy scare surrounding RFID technology who explains that the RFID hype has outpaced reality. Manufacturers and retailers have yet to agree on a universal electronic product code. RFID scanning is also far from error-free. But more important, RFID signals are so weak that they’re easily blocked by metals and dense liquids. It’s infeasible today for someone driving a vehicle down your street to intercept signals from RFID-tagged goods inside your home.

He also argues that the economics of RFID chips also limit how they’re used. Until the price of RFID chips comes down to about a penny apiece, they’ll mostly be used at the case and pallet level, clear of any personally identifiable activity. So we have several years to identify the privacy controls we want to see in RFID systems. Some companies are already creating these privacy controls. Chip makers and users are discussing how the principles of data privacy could be built into the RFID process. A top priority is notifying customers that certain items are tagged with these transmitters – which could be done by placing a common RFID logo on product packages. To give customers the ability to turn off the transmitters, some companies plan to make them peel-offs. RSA Security Inc. is also developing a chip that could be worn on watches or bags to block nearby RFIDs from transmitting certain information. So the RFID privacy ball is rolling.

Glad to hear that. Nevertheless, I will still be watching the RFID development with interest…