Privacy & Surveillance

Posts under this category name relate to privacy generally, rather than distinguishing between the various ‘kinds’ of discussing or recognizing privacy.

Reflections: Day Zero of ‘Life in a Digital Fishbowl’

/ Christopher Parsons

200902022154.jpgI’m fortunate enough to be attending the 10th Annual Privacy and Security Conference, Life in a Digital Fishbowl, this year. Monday held ‘preconferences’, and I want to quickly summarize and reflect on the one that dealt with the 2010 Olympic games.

Two sessions were organized, with the first broadly focusing on infrastructure and privacy issues, and the second addressing the need to protect critical infrastructure and consider the ‘legacies’ of mega-events. In the first session, really began with a clear statement that terror threats have reoriented ‘domestic’ threats into the domain of national security and, as a result, a new mode of considering and engaging with security has emerged. As part of this new orientation, the Integrated Security Unit (ISU) has been created to coordinate security agencies across jurisdictional boundaries, but this creates jurisdictional problems. Who can compel what organization to turn over documents, data, and recorded discourse? What should be done when different agencies have very different conceptions of what must remain confidential? Effectively, how do you navigate the varying loyalties and lines of responsibility that members of the ISU hold?

Continue reading

Update: Mobiles and Your Identity

/ Christopher Parsons

Last year I authored a post entitled “Mobiles and Your Identity“, where I attempted to unpack some of the privacy and surveillance concerns that are associated with smart phones, such as RIM’s Blackberry and Apple’s iPhone. In particular, I focused on the dangers that were associated with the theft of a mobile device – vast swathes of both your own personal data, as well as the personal information of your colleagues and friends, can be put at risk by failing to protect your device with passwords, kill switches, and so forth.

Mark Nestmann, over at “Preserving Your Privacy and More” has a couple posts discussing the risks that smart phones pose if a government authority arrests you (in the US). He notes that, in a recent case in Kansas, police examined a suspect’s mobile phone data to collect call records. When the case was brought to the Supreme Court, the Court found that since the smart phone’s records were held in a ‘container’ (i.e. the phone itself) that the police were within their rights to search the phone records. Mark notes that this ruling does not apply to all US states – several have more sensitive privacy laws – but leaves us with the warning that because laws of analogue search are being applied to digital devices that it is best to limit the data stored on smart phones (and mobile digital devices in general).

Continue reading

Review: Protectors of Privacy

/ Christopher Parsons

Newman’s Protectors of Privacy: Regulating Personal Data in the Global Economy is exemplary in its careful exposition of Europe’s data protection regulations. Using a historical narrative approach, he demonstrates that Europe’s current preeminence in data protection is largely a consequence of the creation of regulatory authorities in member nations that were endowed with binding coercive powers. As a result of using the historical narrative method, he can firmly argue that neither liberal intergovermentalist nor neo-functionalist theories can adequately account for the spread of data protection regulations in the EU. Disavowing the argument that market size alone is responsible for the spread of data protection between member nations, or in explaining Europe’s ability to influence foreign data protection regulations, Newman argues that the considerable development of regulatory capacity in European member states, and the EU itself, is key to Europe’s present leading role in the field of data protection.

Drawing on recent telecommunication retention directives, as well as agreements between the EU and US surrounding the sharing of airline passenger information, Newman reveals the extent to which data protection advocates can influence transnational agreements; influence, in the EU, turns out to be largely dependent on situating data privacy issues within the First Pillar. For Newman, Europe’s intentional development of regulatory expertise at the member state, and subsequently EU level, as demonstrated in the field of data privacy and tentatively substantiated by his brief reflection on the EU’s financial regulatory capacity, may lead the EU to play a more significant role in shaping international action than would be expected, given its smaller market size as compared to the US, China, and India.

Overall, I would highly recommend this book. If you are interested in the role of regulatory capacity in the ongoing issues of personal data (especially as it pertains to the EU), or if you just want to read an inviting, concise, and well-developed historical account of the development of EU data protection regulations, then this book is a great way to spend an evening or three.

Thoughts: Why do I focus on digital privacy issues?

/ Christopher Parsons

Earlier this year, I was asked a very good question by my MA advisor. Omid asked, “Why do you study what you study?” At the time, I gave an incredibly disappointing answer – it was vague, disjointed, and really didn’t address the question in a forthright way. I think that there were a few reasons: first, I didn’t have time to prepare; second, I hadn’t reflected on this question in a deep manner that could be succinctly expressed; and third, I’m not very good at answering relatively complicated questions that link into my personal history on the spot. Since then, the question has been in the back of my mind, and I’ve come back to it on a frequent basis.

So, with that in mind I want to put forth a probationary answer to “Why do you study what you study?” It’s going to involve touching on what was a few key computing moments in my life, formative elements of my undergraduate and graduate degrees, and how my background working in IT fits into things. If you want to just skip to the final answer, hit the bottom of the post – the intermediary sections see me start linking together various facets of my life and education to form the structure to answer Omid’s question, and may be of little interest to you.

The Past

I’ve had a computer in my house almost since I can remember. My dad had an old Tandy computer that I played very early video games on. It was a beast to navigate, and the commands were arcane (especially to a 4 or 5 year old!). That said, it was amazing that you could play games on it. It wasn’t until we moved from the Maritimes that there was a ‘household’ computer. It cost a small fortune, and was meant for school work. I, of course, quickly learned how to install games on it. This was in the days of DOS and Windows 3.11. I learned how to navigate via a command line, as well as what not to do when trying to fix computer problems (an early lesson: deleting full directories when you don’t know what is in them is a really, really, really bad idea!).

Continue reading

Review: The Privacy Advocates

/ Christopher Parsons

I’ll start this by being very forthright: Colin is my supervisor for my doctoral work. This said, the review that I offer is my own, and has not been influenced by Colin in any way. He has not read this review (or even made aware that I was preparing a review!) prior to my posting it.

The Privacy Advocates: Resisting the Spread of Surveillance is an interesting book, because it is the first of its kind where the agents who are on the ground fighting the fight for privacy are examined. Given Bennett’s extensive relationships with various data authorities and advocates, we get a very revealing glimpse into the lives, histories, and motivations of the major players in Canada, the US, and a handful of international advocacy groups. Bennett’s critical thrust in the book, which we get to in its last chapter, is this: “Should we understand privacy advocates as transforming their work into a movement, such as the environmental movement, and is such a transformation necessary for them to successfully engage privacy-infringing bodies in the future?”

To set the frame for his response to this question, Bennett identifies the history that has led privacy advocates to spring from the various areas of civil society that they emerge out of. He talks about how computers led to a perception that there is a greater potential for mass surveillance, but then rapidly turns to look at the groups who are actually engaging with issues of surveillance and privacy. He establishes a tripartite categorization of the groups that are involved in privacy and privacy-related issues:

Continue reading

Comment: To RFID or not to RFID, that is the question

/ Christopher Parsons / 1 Comment

The Vancouver Sun has an article that was written by Phil Chicola, U.S. Consul General in Vancouver. Entitled “To RFID or not to RFID, that is the question,” it is yet another part of the ongoing propaganda war surrounding the embedding of RFID chips in regular consumer products. In the recently released Canadian Border Services Agency (CBSA) Privacy Impact Assessment of the Enhanced Drivers License (EDL) program, we find that,

An effective external communications strategy will be developed by the [Provinces and Territories] with the assistance of the CBSA to ensure that the Canadian public is made aware of the significant privacy safeguards that will be put in place and the constraints that will be imposed on any subsequent use of personal information, especially sharing with the U.S. in consideration of the U.S.A. Patriot Act (29).

What this has amounted to in Ontario has been a persistent insistence by government officials that because the Radio Identifier that EDLs emit is not tied to any *other* piece of government information (e.g. the RFID number is not generated from an association with your driver license number, birth certificate, etc.) that the identifier isn’t personal information. Thus, while you will be broadcasting a number from your drivers license to anyone with a reader, that isn’t ‘personal’. Let’s turn to the Vancouver Sun article, and see how it squares up with the Canadian propaganda, shall we?

Continue reading