One of the largest network vendors in the world is planning to offer their ISP partners an opportunity to modify HTTP headers to get ISPs into the advertising racket. Juniper Networks, which sells routers to ISPs, is partnering with Feeva, an advertising solutions company, to modify data packets’ header information so that the packets will include geographic information. These modified packets will be transmitted to any and all websites that the customer visits, and will see individuals receive targeted advertisements according to their geographical location. Effectively, Juniper’s proposal may see ISPs leverage their existing customer service information to modify customers’ data traffic for the purposes of enhancing the geographic relevance of online advertising. This poses an extreme danger to citizens’ locational and communicative privacy.
Honda has released a new GPS system for their vehicles where it will warn drivers when they’re about to leave their car in areas where there is a high chance of theft, vandalizm, or other criminal activity. I have two, relatively short, things to note about this:
A Comical Note
I can just imagine programming this thing for Rio – all the device would say was ‘If you’re stupid enough to think that this will help you here, you’re almost certainly a tourist’.
A Less Comical Note
This continues the pervasive surveillance of what you’re doing AND associates it with databases that you can’t be certain are terribly secure. I imagine that if a particularly enterprising individual surreptitiously made a few changes, and the the GPS was followed to the letter, that badness would ensure. Beyond fear-mongering, however, this technology associates perpetual vehicular monitoring with safety, and mistakenly presents the notion that police equally monitor and respond to reports in all areas of GPS coverage. This is a legitimate badness – it further complicates the problems surrounding self-awareness and unquestioned reliance on external data sources, sources that can become significant factors in one’s daily life.
Of course, it won’t be sold that way: Live in safety! Let us watch you! Surveillance stops all crime! Just look at CCTV in Britain.
In a recent presentation to the Summer 2007 Privacy Symposium, Jim Harper lays out a series of concerns about a national identification system. I’m just going to run through them quickly – watch the video that I link to at the end of the post to view his presentation yourself.
Authentication versus Identification
Authentication is where you are challenged to provide a set of items/data in order to gain access to something. An example would be the requirement to have both a banking card and a PIN to access your bank account – this authenticates your access to the resource, but it isn’t a wholesale validation that it is actually Christopher Parsons who is accessing my bank account. Instead, what this does it is gives enough information to the bank that it is comfortable providing access to my bank account, without actually knowing for sure that it is me accessing the account.
Identification draws on unique characteristics that make up who you are, and validates that person attempting to gain access to X or do Y against the recorded characteristics that identify that person. This involves validating a person against facets of their constitutive being, with a popular identifier coming from biometric information. This passes beyond authentication systems because the person is certifiably identified. Whereas I can give you my bank card and PIN, I would have a far harder (and more painful) time giving you my right eye and left thumb.
The Canadian SIGINT Summaries includes downloadable copies, along with summary, publication, and original source information, of leaked CSE documents.
Parsons, Christopher; and Molnar, Adam. (2021). “Horizontal Accountability and Signals Intelligence: Lesson Drawing from Annual Electronic Surveillance Reports,” David Murakami Wood and David Lyon (Eds.), Big Data Surveillance and Security Intelligence: The Canadian Case.
Parsons, Christopher. (2015). “Stuck on the Agenda: Drawing lessons from the stagnation of ‘lawful access’ legislation in Canada,” Michael Geist (ed.), Law, Privacy and Surveillance in Canada in the Post-Snowden Era (Ottawa University Press).
Parsons, Christopher. (2015). “The Governance of Telecommunications Surveillance: How Opaque and Unaccountable Practices and Policies Threaten Canadians,” Telecom Transparency Project.
Parsons, Christopher. (2015). “Beyond the ATIP: New methods for interrogating state surveillance,” in Jamie Brownlee and Kevin Walby (Eds.), Access to Information and Social Justice (Arbeiter Ring Publishing).
Bennett, Colin; Parsons, Christopher; Molnar, Adam. (2014). “Forgetting and the right to be forgotten” in Serge Gutwirth et al. (Eds.), Reloading Data Protection: Multidisciplinary Insights and Contemporary Challenges.
Bennett, Colin, and Parsons, Christopher. (2013). “Privacy and Surveillance: The Multi-Disciplinary Literature on the Capture, Use, and Disclosure of Personal information in Cyberspace” in W. Dutton (Ed.), Oxford Handbook of Internet Studies.
McPhail, Brenda; Parsons, Christopher; Ferenbok, Joseph; Smith, Karen; and Clement, Andrew. (2013). “Identifying Canadians at the Border: ePassports and the 9/11 legacy,” in Canadian Journal of Law and Society 27(3).
Parsons, Christopher; Savirimuthu, Joseph; Wipond, Rob; McArthur, Kevin. (2012). “ANPR: Code and Rhetorics of Compliance,” in European Journal of Law and Technology 3(3).