Saturday, June 22, 2013

No Call Left Behind


With a long, sweeping bow to Maureen Dowd of The New York Times, I changed the title of this entry from "Private Parts" based on her column of June 16. She mentions "that polls indicate that the overwhelming American attitude is 'Spy on me.'"  Please.

As I was saying,  “law enforcement” can be divided into at least two parts: Criminal Investigation and Crime Prevention.  One is after the act; one is before the act.  Big difference.

Anyone who has watched any of the cops and robbers TV shows knows that all kinds of information is “out there.” “Out there” may mean on servers scattered around the world.  Or “right there” on your smartphone.  It remains for detectives to connect the dots and find the perp.  A crime is committed. A suspect is ferreted out.  A cellular phone is found.  After obtaining a warrant the calls are “dumped,” as they say.  All of the data about the suspect’s movements are merged.  And the person is cleared or becomes a suspect.

How about crime prevention? That is the question. How much of our lives are we willing to have “examinable” in order to stop the bad-guys in their tracks?  Is there really a need to wade through all of that data for every person in order to find a kernel of significance?

No.  It would be a waste of time.  What we do need to see is what we used to call “exception reports” when I worked in the long-distance phone business.  At one company that I worked for we offered customers the opportunity to see things that were exceptional: Calls longer than n minutes; calls during specific times; calls to certain states, cities or area codes.  Combine them and management can spot problems.  Does an employee have a family problem that needs attention?  Is someone looking for another job?

What if intelligence analysts could do the same with much of the data that is “out there”?  Enter the somewhat futuristic TV show “Person of Interest,” the premise of which is that a computer has been built that analyzes every possible piece of data and comes up with the names of two people, one of whom is going to do harm to the other.  (It’s an interesting trick that they play on us when the tables are turned.)

The point is well taken: It is really hard to stay “off the grid.”  There’s little doubt that clues exist before the fact that a bad thing is going to happen and who is going to do it:
Timothy McVeigh and Terry Nichols left plenty of clues that were used to convict them after the 1995 bombing in Oklahoma City.  Could those clues have been used to catch the plot before it was hatched?  There were dots to be connected.
The 19 people who carried out the 9/11 attacks lived among us for months, leaving trails a mile wide that were pieced together after the destruction.  People in positions to know, with their hair on fire, wrote memos starting in January, 2001,  that warned of the attacks.  There were, after all, dots to be connected.
The brothers Tamerlan and Dzhokhar Tsarnaev were known to authorities well before they burst on the scene as the Boston Marathon Bombers.  There’s probably plenty of evidence to convict the lone surviving brother.  But could connecting the dots have prevented this massacre?

As quoted in The New York Times recently, Security expert Bruce Schneier wrote that it isn’t that the Internet has been penetrated by the surveillance state; it’s that the Internet, in effect, is a surveillance state.   It’s a surveillance state in the hands of corporations. 

One question is does that mean that one gives up all sense of privacy be being “on the grid”? 

Another is whether that corporate and public data should be accessible to the government?

To the first question, in a sense, Yes.  In a sense. Even if you’re talking strictly about the electric grid, one’s usage could be significant. 
Example: If your electric bill is “substantially” higher –whatever that means—than you neighbors’ perhaps there’s something going on.
And what if your water bill is “substantially” higher –again, whatever that means – than your neighbors’ perhaps there’s something going on.

Are we a police state if some agency looks at those dots, checks your bank and ATM usage, and goes before a judge to obtain a search warrant to see if you’ve got a meth lab in your garage?

 Eric Schmidt of Google said in 2009 “If you have something that you don’t want anyone to know, maybe you shouldn’t be doing it in the first place.”  I DISAGREE IN PRINCIPLE.  There could be lots that I do that I don’t want anyone to know about.    It’s when what I’m doing is illegal that the authorities need to know about it.

For more on the structure of our intelligence apparatus see this column by Tim Shorrock: http://www.nytimes.com/2013/06/18/opinion/put-the-spies-back-under-one-roof.html?nl=opinion&emc=edit_ty_20130618&_r=1&

 Some say that you can have privacy or you can have the Internet, but you can’t have both.

It is at least possible to participate in online culture while limiting horizontal, peer-to-peer exposure.  But it is practically impossible to protect your privacy vertically –from the service providers and social media networks and now security agencies that have access to your every click and text and email.

In the olden days, when faxes were just becoming widespread, there was talk of making it impossible to re-fax a fax or of notifying the sender of an initial fax that it has been copied or re-faxed.  That never went anywhere.  But how about emails with these features:
1.              Sender notification when an email is received, and opened.
2.              Making something that you send un-forwardable.
3.              Having emails deleted from the server and the recipient’s computers in some time.


The Internet has changed everything. I could stop right there.  You know me better than that.  There is, however a divide between information about ourselves that we readily divulge and information about us that we have no idea is out there.

People are posting running commentaries on where they are, what they are drinking and with whom. It’s amazing.  But it’s all voluntary.  Even bragging.

Let’s take a look at the other stuff, and then try to figure out what, if anything, to do about it.

To begin with, most people have no idea how much information is contained in their computer hardware.

Some examples:

Computers all over the world know the house that I live in, and the car that was parked in my driveway when Google’s camera-car drove by.
Computers know when I make a cellular phone call, to whom, for how long and what towers it was relayed through.  Ditto emails and text.
Computers know what products and services that I search for online.  On the bottom of my screen I’m even told that “people who bought that also bought this.” Should I be surprised that when I am on FaceBook there are ads on the right side of my page that show the results of my recent searches. 

How do they know that?
Each computer has two identifying numbers: One is an Internet Protocol (IP) address; one is a Media Access Control (MAC) address.

Some specifics:
A few years ago I was dumb and fell for one of those scams that resulted in my Hotmail account being hijacked.  It took a while but I was able to demonstrate to Hotmail that I was who I said that I was even though I didn’t match the recently-changed identifiers of mother’s maiden name, etc.  How?  For years I’d been accessing my emails from one laptop, now it was being accessed from another.  And I was sitting at the older one while the hijacker was sitting at a newer one. I regained control of my email account.

I was in Europe recently.  I did some online searches for where to eat, places to visit and travel directions.  All in Munich, with answers in German.  I even read The NY Times in Munich –albeit in English.

Back in the US of A my new searches stopped having German-oriented results and being written in German.

Have you ever accessed a discount-air-travel website to check out pricing, surfed away, and then returned –only to find out that the price had gone up? Their server recognized your computer. That’s their way of teaching you to “buy now” next time.

Here’s an experiment.  You and a friend check pricing from two different computers –one a Windows device and one a Mac.  Many items that you shop for will show different prices.  Typically, Mac users will be shown higher prices.  Go figure.

Since you are reading this blog let me tell you a few things about people who come to this site.  Anytime I want to I can check my account and find out the following:
  • How many people visited the blog today?
  • What countries did they log in from?
  • What were the operating systems of their computers (Windows, Mac, other)?
  • What browsers did they use (Explorer, Safari, FireFox, other)?
  • Last but not least, what site were they on before coming to this blog?
And that’s for free.  Imagine what information someone could buy?

You may have heard the term “megadata,” referring to the bare bones of computer data.  In digital cameras megadata includes the make and model of the camera, the date and time the pix was taken, and the location.  Privacy?  Forget-about-it.

I recently uploaded pix on FaceBook that I had taken at an event, using my iPhone.  Later I uploaded pix that I had taken with my Panasonic and uploaded to my iMac  and then sent to FaceBook.  There they are, in two separate albums, identified as being taken using IOS (the iPhone) and Aperture (an improved iPhoto on my iMac).  Privacy?

There are so many facts about us that are collected on a daily basis: Credit card payments for fuel and food; MetroCards on subways and highway toll-booths; online and in-store purchases; bank deposits and withdrawals; online searches on Google, Bing and others.

When you stop to think about it, there’s an absolutely amazing amount of data out there about each of us.  It used to be a segmented, incomplete paper trail. 

Now it’s an all-encompassing trove of precise, track-able data. 

The question is, should we allow our government to know that much about us?   
To further complicate matters, I just returned from seeing "War On Whistleblowers" at a showing by MoveOn.org at the Burton Barr Library in Phoenix.  It's an interesting and informative movie --a "must see."  Some viewers tried to tie it to Edward Snowden, formerly of NSA.  I'm not sure that he's a whistleblower, because, a) he was complicit in what is going on, and, b) what was going on is exactly as Congress established and the President signed.  I'm not sure that he's a spy, either, although that's what he's being charged with.    To coin a phrase, "It's complicated." 
 
What's your take on this subject?









No comments: