Dr. Ann Cavoukian, the Ontario Information and Privacy Commissioner, announced yesterday that GND (located in Munich) would be responsible for producing Ontario EDLs. Further, she is working with the company Peratech to develop an on/off switch that would enable or disable the EDL RFIDs. As of yet, Peratech only has their technology working with contactless smart cards (i.e. cards with a 10 cm range), but they expect to overcome this. Ann is presently in talks with DHS to let them build the Peratech solution into the EDLs – this ‘privacy protective’ feature is not currently in the EDL spec. This is part of her ‘PETs Plus’, or ‘positive sum’ approach to security and privacy.
Thoughts
This category identifies postings that are philosophical in nature.
BC Privacy Commissioner Would Resign Over Longterm Surveillance
Several sessions about the Vancouver 2010 Olympics were held over the course of the 10th Annual Security and Privacy conference. The BC Privacy Commissioner, David Loukidelis, has stated in each session that he is opposed to the continued presence of surveillance infrastructure installed for the games after the games conclude. When asked by a member of the audience if he would consider resigning were this infrastructure not dismantled (and thus mirror the actions taken by Greek privacy officers when police refused to limit their use of surveillance infrastructure developed for the Athens games) he responded that he would consider it.
Micheal Vonn, the policy directory for BCCLA, noted in her presentations that the Vancouver police have established a policy for ‘routine’ consent searches throughout the lower eastside area of Vancouver during the games – by her rough calculations, around 300 people would be searched each patrol. Over two weeks, this would amount to a minimum of 4200 searches, and this assumes that only one patrol would be moving through the area each day. What is most significant is that the proposed target area is where the safe injection site is, as well as other essential social services facilities for the most disadvantaged in society. Vonn’s information is in the Vancouver police’s business plan, which suggests that a premeditated, unwarranted, search regime may be coming to the games along with other ‘exceptional’ security measures.
Update: Bell Users’ Average Bandwidth Use
Just a quick note about an interesting tidbit that was passed out by the Bell rep who gave a presentation on DPI today: A few years ago (no precise dates given) users were consuming, on average, 1GB of traffic; this has risen tenfold since that date. As Bell has repeatedly stated in CRTC submissions, they are not caching personally identifiable information as packets course through their DPI equipment, but still maintain that they are looking into the application layer of packets, but not the ‘content’ of the packet. It’s my hope that, over the next few months, more information about ISP uses of DPI emerges so that a more nuanced and productive discussion can take place.
In the next day or so, I’ll be putting up more thoughts and facts that emerged through the 10th annual security and privacy conference, “Life in a Digital Fishbowl“.
Reflections: Day Zero of ‘Life in a Digital Fishbowl’
I’m fortunate enough to be attending the 10th Annual Privacy and Security Conference, Life in a Digital Fishbowl, this year. Monday held ‘preconferences’, and I want to quickly summarize and reflect on the one that dealt with the 2010 Olympic games.
Two sessions were organized, with the first broadly focusing on infrastructure and privacy issues, and the second addressing the need to protect critical infrastructure and consider the ‘legacies’ of mega-events. In the first session, really began with a clear statement that terror threats have reoriented ‘domestic’ threats into the domain of national security and, as a result, a new mode of considering and engaging with security has emerged. As part of this new orientation, the Integrated Security Unit (ISU) has been created to coordinate security agencies across jurisdictional boundaries, but this creates jurisdictional problems. Who can compel what organization to turn over documents, data, and recorded discourse? What should be done when different agencies have very different conceptions of what must remain confidential? Effectively, how do you navigate the varying loyalties and lines of responsibility that members of the ISU hold?
Review: Canadian Copyright – A Citizen’s Guide
Full disclosure, up front: I’m reviewing Canadian Copyright – A Citizen’s Guide (published through Between the Lines) as part of the Mini Book Expo. Now, on to the review…
Canadians are inundated with news about copyright on a regular basis. Where copyright was once a little spoken of technical subfield of law, it has blossomed into a vibrant and relevant facet of Canadian cultural discourse. Unfortunately, such discourse is often clouded by the ‘facts’ of copyright that accompany vast swathes of American media that is projected into Canada; discussions of fair use, the Recording Industry Association of America (RIAA), and the definitions of copyright infringement are regularly grounded in American legal statutes. This book offers itself as an accessible panacea that promises to reorient popular discussions of copyright in Canada.
The text is neatly divided into four parts; Ideas, Law, Practice, and Policy. I’ll address each in turn, noting what I appreciated, and what I found lacking (where appropriate). Given that I spend a little bit of time reading and thinking about copyright, I’ll scatter some comments through the review.
Part I – Ideas
This section of the book is meant to give some background to copyright today. It begins by broadly distinguishing between natural rights-based and utilitarian arguments for the value of intellectual property broadly, and copyright specifically. At the same time, the authors recognize copyright as a means to make non-exclusive property (i.e. ideas) exclusive property; copyright functions to cordon off particular ‘things’ from the public. With this theory behind them, they delve into the history of Canadian copyright by examining the traditions of Britain, the United States (US), and France – copyright law in Canada is found at the crossing of these various legal traditions. While the historical basis of copyright often find themselves into texts on the subject, even elementary theory is often hidden from view – the authors should be congratulated for even taking a stab at the theory behind copyright. Given that the book is meant for a general audience, it’s hard to fault them for not digging into the theory too deeply.
Summary: CRTC PN 2008-19; Requests for Public Disclosure Filings
I’ve just completed a summary document that pulls together the requests for disclosure from the various advocacy groups currently involved in the CRTC’s PN 2008-19 (ISP Internet Management Techniques). A few things that I found of interest:
- TELUS is being used as a lever against the other ISPs; the common metric is “TELUS released all this information in public, so what justification can the rest of the ISPs have for filing in confidence?”
- Public Interest Advocacy Center (PAIC) really focused on Bell and Rogers, and noted repeatedly that Bell has filed items in confidence in this public notice that it had been forced to file in public previously. Also, where Bell could claim confidentiality last time (Canadian Association of Internet Providers [CAIP] v Bell), this isn’t the case now because all the major ISPs will be forced to show their hands at the same time.
- Without historical and projected growth, it is impossible for public groups to argue whether or not current managing practices are appropriate. This data needs to be released so that they can fully response to the CRTC’s public notice.
- The Campaign for Democratic Media (CDM) is willing to have all of the ISPs’ traffic aggregated, so long as it is disclosed publicly what the trends are.
- CDM notes that without information on the top 5% and 10% of users, that it is impossible to ascertain what their actual impact on total bandwidth has been.
- CAIP, PAIC, and the Canadian Film and Television Production Association (CFTPA) all argue that it is important for clear, technical, explanations of congestion be provided – without this, it is challenging to effectively interrogate what is, or isn’t, happening on ISPs’ networks.
- PIAC stands that, if Bell didn’t have a congestion metric in place prior to January 2007 then they should be obligated to disclose information in public on the basis that their definitions of congestion need to be examined more closely than others (unstated, but this is in part because they are such a major player in Canada).
- CFTPA holds that Bell’s networking diagram is good, because it offers specifics into their network. In light of Bell’s submission, other parties should submit similarly detailed diagrams, with devices clearly labeled, so that members of the public can meaningfully comment on whether the network components use by ISPs are adequate or not.
- CAIP, CDM, PAIC, and CFTPA all maintain that knowing what products are being used to manage Internet traffic is critical – without this information it is challenging to actually comment on how throttling is occurring. CDM raises the privacy issue with DPI.
Technology, Thoughts & Trinkets 