Arab

Ope

n U

nive

rsity

- Sp

ring

2013

T215BCommunication andinformation technologies (II)

Session 2

Block 4Protecting and prying 1

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

Session Outline

• Part 3: Privacy and surveillance• Introduction • Defining privacy, surveillance and the surveillance

society • Opportunities for surveillance • Identity and identity theft • Large scale database systems

2

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

1. Introduction [1]• This part of the block uses extracts from books and papers to

explore the contexts and debates relating to privacy and surveillance.

• Readings in this part of the block are almost wholly UK centric, presenting a kind of case study of the situation prevailing in the country.

• The reason for selecting the UK for the case study is that it is generally agreed to be the most intensively surveilled society in Europe and the Western world.

• However, the contexts and issues discussed here are equally relevant to other countries, and it could well be that the UK practices are adopted by many of them in the future.

3

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

1. Introduction [2]

• Surveillance Society Debate: What are your reactions when you see the signs below?

4

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

2. Defining privacy, surveillance and the surveillance society [1]• “Two years ago I warned that we were in danger of

sleepwalking into a surveillance society. Today I fear that we are in fact waking up to a surveillance society that is already all around us.” Richard Thomas (2006)

• What is meant by the terms ‘privacy’ and ‘surveillance’?• Conceptions of privacy are influenced by context and

environment so it follows that any definitions of privacy should be regarded as fluid.

5

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

2. Defining privacy, surveillance and the surveillance society [2]• “Engineers have some responsibility for designing systems that

enhance data protection. The report outlines some of the critical points where technology could be used for unreasonable or unnecessary surveillance, where technical failures can lead to loss of data and diminished trust, and where computer processing of personal data can have unwarranted consequences for fair treatment and human rights. In order to comment on these issues, a combination of engineering expertise and social scientific understanding is required.”

Nigel Gilbert, the 2007 chairman of The Royal Academy of Engineering, a report Dilemmas of Privacy and Surveillance 6

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

2. Defining privacy, surveillance and the surveillance society [3]• “The major issue for most of the technologies considered in

this report is the extent to which they require us to trade some aspect or degree of our personal privacy in exchange for some other benefit or convenience – either to ourselves or society as a whole.”

Dilemmas of Privacy and Surveillance: Challenges of technological change, March 2007 by The Royal Academy of Engineering, London

• However, dilemmas concerning privacy are many and varied, as privacy itself is a multifaceted concept.

7

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

2. Defining privacy, surveillance and the surveillance society [4]• Privacy comes in many forms, relating to what it is that one

wishes to keep private:• privacy as confidentiality: we might want to keep certain

information about ourselves, or certain things that we do, secret from everyone else or selected others;

• privacy as anonymity: we might want some of our actions (even those done in public) not to be traceable to us as specific individuals;

• privacy of identity: the right to keep one’s identity unknown for any reason, including keeping one’s individual identity separate from a public persona or official role;

8

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

2. Defining privacy, surveillance and the surveillance society [5]

• privacy as self-determination: we might consider some of our behaviour private in that it is ‘up to us’ and no business of others (where those ‘others’ may range from the state to our employers);

• privacy as freedom to be ‘left alone’, to go about our business without being checked on: this includes freedom of expression, as we might wish to express views that the government, our employers, or our neighbours might not like to hear;

• privacy as control of personal data: we might desire the right to control information about us – where it is recorded, who sees it, who ensures that it is correct, and so on.

9

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

2. Defining privacy, surveillance and the surveillance society [6]• These various forms of privacy can potentially clash with a number of

values. Each has to be weighed against one or more of the following:• accountability for personal or official actions;• the need for crime prevention and detection and for security generally:

our desire to be able to engage in our personal affairs without anyone knowing is always offset against our desire for criminals not to have the same opportunity;

• efficiency, convenience and speed in access to goods or services: this relates particularly to services accessed online, where access might depend on entering personal, identifying information;

• access to services that depend on fulfilling specific criteria such as being above an age limit or having a disability, or being the genuine owner of a particular credit card;

• the need to monitor health risks, such as outbreaks of infectious diseases;• public and legal standards of behaviour which might weigh against some

personal choices.10

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

2. Defining privacy, surveillance and the surveillance society [7]

• The varieties of privacy and the various values it can be in tension with mean that one cannot appeal to a straightforward, singular right to privacy.• Privacy is inherently contingent and political, sensitive

to changes in society and changes in technology.• This means that there needs to be constant reappraisal

of whether data are to be considered private and constant reappraisal of the way privacy dilemmas are handled.

11

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

2. Defining privacy, surveillance and the surveillance society [8]• Activity 3.2 (a): Which of the six forms of privacy do you think

might apply in the context where McNealy stated ‘You have zero privacy anyway’?• Privacy as confidentiality• Privacy as anonymity• Privacy of identity• Privacy as self-determination• Privacy as freedom• Privacy as control of personal data

12

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

2. Defining privacy, surveillance and the surveillance society [9]• Activity 3.2 (a) – SOL.:• Remember that McNealy’s comments were made in the context of

a technology that was designed to enable the sharing of processing resources between end-user devices.

• Where resources are shared, it’s common for users (or users’ devices) to have to prove their entitlement to the resource(s) by authenticating themselves.

• It’s also possible that their use could be logged for billing purposes or for analysis.

• This has the potential to link a user’s identity with the resources they accessed, and that could reveal information about their behaviour and actions.

• Taking this approach, it seems that all six of the forms of privacy could be in question Perhaps McNealy was right after all! 13

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

2. Defining privacy, surveillance and the surveillance society [10]• Activity 3.2 (b): Which of the six criteria introduced in the

extract and briefly summarised below seems most relevant in the McNealy context?• Accountability for personal or official actions• The need for crime prevention and detection• Efficiency, convenience and speed in access to goods and services• Access to services that depend on fulfilling specific criteria• The need to monitor health risks• Public and legal standards of behaviour

14

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

2. Defining privacy, surveillance and the surveillance society [11]• Activity 3.2 (b) – SOL.:• Maybe, the most relevant criteria from the six in the list to be

efficiency, convenience and speed in access to goods or services.

• But it’s possible that access to services that depend on fulfilling specific criteria is also relevant, since any authentication process would identify those with a genuine entitlement to use the service.

15

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

2. Defining privacy, surveillance and the surveillance society [12]

•Concepts of privacy are mediated by context and society!

16

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

2. Defining privacy, surveillance and the surveillance society [13]• Surveillance and the Surveillance Society: the growth of

bureaucracy led by developments in computer and communication technologies was the catalyst for the growth of surveillance.

• Surveillance: purposeful, routine, systematic and focused attention paid to personal details, for the sake of control, entitlement, management, influence or protection.

• Benefits drawn from surveillance:• progress towards efficient administration• benefit for the development of Western capitalism and the

modern nation-state• reduced labour intensivity and increased reliability and volume of

work that could be accomplished 17

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

2. Defining privacy, surveillance and the surveillance society [14]• Surveillance potential and actual drawbacks:• risks inherent in large-scale computer systems; • the potential for corruption of power; • inequalities of access and opportunity; • the decline in trust, principally between the state and the

individual, but also within more personal relationships;• and the fear that the use of surveillance discourages the

exploration of other solutions and other issues.

• For more discussion about this topic, read the extract from “A Report on the Surveillance Society,” reprinted as Reading 4 in the Block 4 Document Book. 18

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

2. Defining privacy, surveillance and the surveillance society [15]• Activity 3.5 (exploratory): Some examples of mass

surveillance systems are speed cameras, street surveillance systems, and the collection and storage of records made by internet service providers (ISPs). How do these fit with the characteristics of purposeful, routine, systematic and focused?

• Sol:• Purposeful: each of the examples have stated (or perceived)

goals, so they can be considered purposeful. These goals are road safety, crime reduction and national intelligence respectively. Speed cameras also have a role in controlling traffic speed.

• Routine: The surveillance resulting from the three examples occurs during the normal course of our daily business: driving, being in public areas and connecting to the internet. Thus they can be considered as routine.

19

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

2. Defining privacy, surveillance and the surveillance society [16]• Activity 3.5 (Sol – Cont.):• Systematic: the examples are targeted on particular groups of

people: all those who drive a vehicle in designated locations; all those who are present in designated locations; all those who use the services of ISPs. Therefore can be considered to be systematic.

• Focused: The three examples are focused in that each collects and stores data that refers to identifiable persons. The link is weaker in the case of speed cameras, since the information collected by some speed cameras includes a photograph of the driver, but for others the data collected refers to the vehicle being driven and hence to the registered owner (but not necessarily the driver) of that vehicle.

20

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

3. Opportunities for surveillance [1]

• This section is concerned with identifying the opportunities for surveillance offered by modern technology through its devices and services.

• For many of these devices and services the potential for surveillance is an example of function creep, their primary purpose being for something entirely different.

• The introduction of a video surveillance system using closed circuit television (CCTV) in 1961 at a London train station heralded the arrival of what is now one of the most ubiquitous and visible privacy-affecting technologies.

• Over the last ten years, government expenditure on CCTV has risen markedly.

21

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

3. Opportunities for surveillance [2]

• There are three features of this form of surveillance that create a series of social, political and technical dilemmas:• First, it is citizens in public spaces who are the objects of

surveillance. This threatens to destroy the ‘public privacy’ previously enjoyed by anonymous citizens in a public space.

• Second, citizens are in no position to agree to or reject surveillance. This limits the extent of the freedom of citizens to go about their lawful business without being observed and monitored. It also extends the capacity for agencies and institutions to subject a section of the public realm to surveillance for their own purposes.

• Third, the development of surveillance systems has changed what can be gleaned from observations of individuals. As well as recording the presence of and recognising individuals, surveillance systems now offer the possibility of evaluating and making inferences about a person’s actions and intentions, drawing on stereotypes and profiling methods.

22

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

3. Opportunities for surveillance [3]

• Concerns also arise from the shift to digital technology, which has enabled two significant developments:• First, digital recording capacities mean that images can be stored

indefinitely, searched digitally, analysed, reproduced and manipulated with increasing ease.

• Second, images from any camera can be made available instantly to anyone with the capacity to receive data in this form It cannot be guaranteed that surveillance images will remain private, or will not be altered, misused or manipulated.

• A development of a different kind is the addition of microphones to many cameras, so that they can eavesdrop on the conversations of people as they are filmed. Both kinds of development mean that surveillance has become increasingly invasive.

23

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

3. Opportunities for surveillance [4]

• The term CCTV is now for the most part a misleading label!• Modern surveillance systems are no longer ‘closed-circuit’, and

increasing numbers of surveillance systems use networked, digital cameras rather than CCTV.

• The continued use of the term is an indicator of a general lack of awareness of the nature of contemporary surveillance, and disguises the kinds of purposes, dangers and possibilities of current technologies.

24

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

3. Opportunities for surveillance [5]

• Many modern surveillance systems can instead be thought of as ‘public webcams’.

• Although most surveillance cameras do not broadcast to the Web, and are therefore not webcams as such, the way that they function makes them very similar to webcams.• For example, they can be – and often are – linked as a network covering a

wide space; their footage can be streamed to the Internet or TV; the footage is stored digitally and it can be searched using image searching technologies.

• Just as public awareness of how public webcams exist and change public spaces is lagging, so law and custom has been slow to respond.

• The ubiquity and power of public webcams calls for greater attention to the impact of digitisation on privacy in the public realm, and an end to complacency associated with outdated perceptions that belong in the CCTV era.

25

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

3. Opportunities for surveillance [6]

• Surveillance Advancements:• RFID (Radio Frequency Identification): tags that are small

wireless devices that provide unique identifiers which can be read by remote sensors.

• The original aim of these small low cost devices was to enable companies to keep track of stock.

• However, there are RFID tags which can be ‘active’ – they emit signals over a greater range and can be sensed remotely – and so concerns over their use have grown.

• These tiny devices are inconspicuous, meaning that an individual might not be aware that there is an RFID tag in a product they have bought which is transmitting information, nor will they be aware of who is able to pick up the data.

26

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

3. Opportunities for surveillance [7]

• Surveillance Advancements (Cont.):• Near-Field Communications (NFC): is a specific kind of RFID

technology, that is used for short-range wireless interactions and extends the capabilities of contactless technologies such as RFID to allow two-way initiation of communications.• For example devices embedded with NFC chips can be used as

payment devices; payment being made by passing the device (a phone, for example) over a reader.

• Wimax (wireless interoperability for microwave access – standard implementation of IEEE 802.16 wireless networks): alternative to other means of networking such as Ethernet or cable and minimal disruptive influence in terms of deploying identity-based applications. This is likely to be true of other global connection technologies, such as 4G and 5G. 27

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

3. Opportunities for surveillance [8]

• Surveillance Advancements (Cont.):• Zigbee: refers to a set of specifications for wireless sensor

networks, an application of which could be a network of sensors used for home automation which uses sensors to control switches on household devices.• Zigbee and other wireless sensor networks create new opportunities

for recording data about movements within a particular space• Biometric: technologies that use biometric data to identify and

authenticate individuals, often for local authentication of a person.

• Voice-based interaction: has the ability to execute transactions securely over voice channels of all kinds.

28

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

4. Identity and identity theft [1]

• Increasingly, commercial transactions require proof of a person’s identity.

• Opening an account and applying for credit, goods or services will require you to verify that you are who you say you are, without which you may be denied access.

• Proof of identity often involves a collection of small pieces of information: • Name• Address• Father (or mother’s) maiden name• National Insurance number• Date of birth 29

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

4. Identity and identity theft [2]

• For documentary proof of identity you may be asked to supply a passport, driving licence, or birth certificate

• These documents and the confirmation provided by additional personal details therefore form the basis on which the unique identity can be established.

• As such, they become an attractive target for those wishing to impersonate and fraudulently obtain goods and services (such as access to the bank accounts) using the identity.

• Unlike biometric data such as iris scans, fingerprints and facial features, documentary evidence is much easier to steal or forge, and personal details much easier to obtain.

30

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

4. Identity and identity theft [3]

• We live in a surveillance society. But the fault does not lie only with some Big Brother.

• In our everyday lives we leave a ‘footprint’ of personal information: details about where we go, whom we are friends with, the things we buy and the culture we enjoy.

• And from more personal services to the many new ways to communicate with and learn about each other, we are keen for the benefits this openness affords.

• But there is a tension at the heart of this surveillance society. • Our information is increasingly relied upon by the public and

private sector to make important judgements about people.

31

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

4. Identity and identity theft [4]

• And there is now more opportunity than ever for those decisions to be made without our consent or involvement.

• Those decisions will ultimately influence our futures in fundamental ways, from the kinds of services we are offered or are entitled to, or our desire for a realm of privacy, through to our ability to secure credit.

• Personal information can be interpreted and used long after the everyday interactions it originated from.

• We need to make sure that people have more influence over and confidence in not just how secure their personal information is, but also in the way it is given away, shared and used.

32

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

4. Identity and identity theft [5]

• “The internet is great. It used to take me two to three weeks to gather everything I needed to steal an identity. Now I can get it done in two to three hours online.”!!

(Quote from a fraudster, in a report commissioned by Garlik and produced

by the research criminologists)

• With the proliferation of data, fraudsters have become all too aware of how easy it is to collate personal data online.

• ‘Identify theft industry’ is becoming more organised.• There are people who specialise in personal information harvesting,

searching online looking for likely targets, amassing their details and passing them on to the second group.

• This second group are the identity fraudsters, who use these packaged identities to fraudulently acquire credit cards, loans, fake passports, driving licences, and benefit claims

33

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

4. Identity and identity theft [6]

• But while this all sounds very scary in theory, does it really happen in practice? How easy is it to acquire enough information about you to start to steal your identity?

• The answers are yes, and ‘very easy’ – if you know where to look!!

• In contrast to the average consumer who will be fairly ignorant of where their personal information is online, the average identity fraudster knows exactly where to find you.

• It can be difficult to work out what warnings of ‘identity theft’ really mean, and how it happens. Perhaps if there were a greater understanding of what is possible, it would be easier to take steps to reduce the probability of being a target.

34

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

4. Identity and identity theft [7]

• This ability to intrude into an individual’s life using information found solely online is unprecedented and is a relatively recent phenomenon. • Five years ago citizens did not face this situation.

• So what has changed in this period? • The first is the rise of Web 2.0. Companies such as MySpace,

Facebook, blogging sites, YouTube and Friends Reunited began to emerge in 2002 after the ‘dotcom crash’ of the preceding couple of years.

• This new wave differs from the first-generation Web 1.0 companies (Amazon, eBay and Egg) by being driven primarily by usergenerated content.

• This means that the bulk of the content that makes up a Web 2.0 website is contributed by its individual users rather than the company itself.

35

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

4. Identity and identity theft [8]

• It might be pictures, an online diary, videos or just comments about a hotel you stayed at. • The common thread is that it is all about what you say to

the world.

• Hundreds if not thousands of these sites, alongside perhaps 70 million ‘blogs’ (online diaries) have been created, relying on tens of millions of users publishing a deluge of their content – from pictures to videos.

36

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

4.1 Profiling [1]• Profiling is the practice of analysing a set of data about an

individual in order to identify that individual as fitting into a particular category.

• Frequently this is done for the purpose of targeted advertising which, though it may be irritating, is largely benign. It’s also carried out as a protection mechanism.

• Profiling becomes more sinister when it is used to make decisions that provide benefits to one set of people whilst denying them to others. • For example, geographical profiling (based on data about where

you live or where you go) has both financial and social implications such as higher home insurance premiums in flood risk and high-crime areas. 37

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

4.1 Profiling [2]

• Profiling can also lead to differences in how customers are dealt with• Those who have been profiled as potential high spenders could

receive enhanced service to the detriment of those who haven’t.

• Call centres now rank order customer accounts according to their relative spend• The higher the spend, the greater a customer’s value is to the

organisation, and so when these customers call for service, they are routed into shorter queues and answered by more skilled employees.

38

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

4.2 Identity theft [1]

• Identity theft is the act of deliberately assuming the identity of another person for fraudulent purposes. • Usually this is for some financial gain such as

obtaining money from the victim’s bank account, or obtaining goods, services or credit in their name.• The extent of identity theft is difficult to assess

as it is classified and measured in different ways by different sources. 39

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

4.2 Identity theft [2]

40

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

5. Large scale database systems [1]

• Some of the UK government’s large-scale electronic databases: • electoral registers• birth• marriage and death registers • planning applications• National Health Service

• Who decides what data should be collected and for what purpose it should be used?

• Who controls how data is kept and for how long, and who has access to it?

• Who regulates and checks those responsible? 41

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

5. Large scale database systems [2]

• In 2008, the Joseph Rowntree Reform Trust Ltd commissioned the Foundation for Information Policy Research (FIPR) to investigate the role, performance and security of public sector databases in use in Great Britain and Northern Ireland.

• The result is the report Database State, published in February 2009, claimed to be ‘the most comprehensive map of Britain’s database state currently available’ (Shutt, 2009).

• The report examined a total of 46 public sector databases that hold (or are planned to hold) identifiable personal information either on the majority of British citizens or on significant minority groups (for example schoolchildren).

42

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

5. Large scale database systems [3]

• The main focus of the report was to assess each of the databases examined in terms of their effectiveness, privacy and legality, and to classify them according to a ranking of red, amber, or green, defined below.

• Of the 46 databases examined, the report ranked only 6 as green, 29 as amber and the remaining 11 as red.

What does that mean ??

43

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

5. Large scale database systems [4]

• Traffic Light System• green – the underlying system appears basically sound, without

any insuperable legal problem, although there may be aspects of governance and management that need improvement;

• amber – the system demonstrates significant, worrying failings, and may fall foul of a legal challenge;

• red – the system’s failings are so significant, or its architecture so inappropriate. We do not feel it should continue, given the likelihood that it will have a negative impact on life in our society.

(Foundation for Information Policy Research (2009))

44

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

5. Large scale database systems [5]

45

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

5. Large scale database systems [6]

46

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

5. Large scale database systems [7]

47

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

5. Large scale database systems [8]

• It was the loss on 18 October 2007 of 25 million child-benefit records that finally made the database state a mainstream issue.

• Over the following months the list of public-sector bodies that owned up to losing people’s personal details increased to include the RAF, Navy, MoD, Home Office, police, NHS Trusts, GPs, DVLA, the Department for Work and Pensions, other Whitehall departments and local councils.

• Those affected include patients, taxpayers, welfare recipients, applicants for driving tests, students, teachers, job applicants, farm workers, prison staff and service personnel.

• Indeed, on 1 March 2009, the press reported that the Prime Minister’s own medical records had been compromised!

48

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

5. Large scale database systems [9]

• Though this section has focused entirely on public sector databases of personal information, it is important to bear in mind that it is NOT solely governments or government agencies that collect and store personal details. • For example, Google and Yahoo! retain search

information for several months, and the contents of any messages sent via Gmail are searched (though by machine rather than human) for the purposes of targeted advertising.

49

Arab

Ope

n U

nive

rsity

- Sp

ring

2013

5. Large scale database systems [11]

• Nevertheless, there are many benefits, both to society and to individuals, from these mass collections of personal data • They can provide speedy access to services,

efficiencies and cost savings in administration and enhanced experiences in our personal interactions.

• Several of the readings have mentioned to a tension between the advantages they confer and the privacy they require us to sacrifice. 50