A short story about pants


I was living in Australia and having a fine time when one day my company offered me a position overseas. I’d always wanted to travel and experience other cultures so I accepted the position.

The destination country had some customs that were different from my homeland. For one thing the climate was warm and the men almost universally wore miniskirts; some were ornate and formed part of their formal attire. This seemed very different but I was assured that people from all kinds of countries lived there and it would be okay.

Things became weird when I landed at the airport. The sudden fashion change around me was alarming. I reminded myself that this was how they dress over here so to them it’s not weird at all.

The locals were staring at me though. Not overtly; just stealing extra glances. Some of the older folk looked down and frowned. Nobody said anything but I quickly realised that they were curious about my pants. I supposed they didn’t see men wearing them very often.

On my third day at the new office I was having morning tea when a colleague sat down next to me. He greeted me cheerfully, adjusted his skirt and quietly asked, “Um. If you don’t mind me asking, why is it that you wear pants?”

I chuckled.

“Well, back home all of the men wear pants, not skirts. I’ve worn them all my life.”

“But here you don’t have to do that. You can wear a skirt if you want to. If any Australians gave you trouble I’d back you up in an instant.”

“Hah, I’m not worried about that. I’m just more comfortable this way, y’know?”

He pondered this for a minute.

“But isn’t it odd to wear pants now that nobody’s making you do it?”

“What? Nobody’s making me do it. It’s just how I live.”

“So you could have worn a skirt to work in Australia if you wanted to?”

“Well no, people would have made fun of me. But that’s not the point! I just like wearing pants.”

He looked me in the eye and turned away to take a sip of coffee.

“Look. I’ve been working with you for a couple of days now and I can see you’re a great guy. So let me give you some advice. It kind of sucks, but you’re not going to get very far around here if you keep wearing pants. Do you think you could wear a skirt?”

“No! I mean…”

I paused and frowned.

“I guess I could if I really had to, but I’d feel really self-conscious about it. Why’s it such a big deal?”

“Here, the miniskirt is a symbol of masculinity. Our muscled legs and hair project our identity in an important way, particularly when you meet people in business. The way you cover your legs up makes you look like you have something to hide.”

“Something to hide?”

He shifted uncomfortably.

“I don’t know, you’re from Australia. Who knows what you’re thinking? If you just made an effort to fit in, people will trust you more.”

I looked at him levelly.

“Okay, thanks for the advice.”

His advice proved true. I kept my pants and it was like there was an invisible wall between me and the locals. I called the office back in Australia and managed to wangle a transfer back after three months. It certainly had been a cultural learning experience. I don’t think I’ll go again.

Automatic Stalking with Facebook


As we already know well, modern services like Facebook defer human decision-making to automatic data analysis. This drives things like the “Top Posts” on our News Feed and it’s supposed to make our lives easier. It is easy to assume that these sorts of algorithms are fair, reasonable and correct because they are simply mathematical calculations performed by a computer. Of course, in practice these algorithms also reflect their design and the biases of their creators.

There is an argument that if a particular piece of information is not hidden then it doesn’t matter how widely that information is disseminated. It was meant to be public. Therefore any tools that sift through that data and highlight the items that are most interesting can only be a good thing. Better writers than I have already written interesting critiques of this argument.

This alone is controversial. The fact that you are present at particular public locations might not be something you want everybody to know. If you have a stalker or a violent ex-partner it can be extremely dangerous. Depending on where you are observed it might reveal by proxy your religion, sexual orientation or political views. You may want to keep this information private, or you might not want to be defined in those terms when people search for your name online.

In these examples it is implied that there is some curious or malicious person who decides to perform a search on data available to them. This conscious decision is a final morality check. That person has to think about whether it’s really any of their business to search for what they are. That person can also be judged by civil society for the kinds of searches they make. Perhaps they are creepy; perhaps they meet definitions of criminal stalking. Either way there is an opportunity for society to influence people and try to convince them not to do things that make us uncomfortable.

I think Facebook is trying to do away with this final morality check. I can’t prove it, which is part of the problem, but I’m pretty sure they are.

The other day I received an email from Facebook stating that a peripheral friend of mine is now in a relationship. Many of my Facebook friends have been through relationship transitions before but this is the first time I’ve received one of these emails. I can see why this might be interesting to me if I were of a slightly creepy persuasion:

  • Facebook thinks I am single. (I am not, but I see no reason to disillusion them)
  • I am a man and she is a woman
  • I have interacted with her recently, “Liking” a couple of posts

Therefore I probably have a sordid passive romantic interest in her; I need to either move on or tread much more carefully so that her new boyfriend doesn’t bash me. Useful, right?

I am curious to know whether she received a questionnaire like this one when she updated her relationship status:

Send email notification of relationship status change to:

  • Nobody
  • All friends
  • A handful of guys we think might be creeping on you

I doubt she did. I am going to assume Facebook just went ahead and did what it thought was most interesting for each of her friends.

Consider the end result: I have effectively stalked some girl’s relationship status with zero active effort on my part. If I were given the choice I would not do that. Facebook is taking advantage of all the data available to me and making decisions for me, including those that might be morally dubious.

We have double plausible deniability – I can feel like I’m not really being creepy because it was just something that Facebook did. Meanwhile Facebook’s algorithms are hidden from view. I can’t say for sure that they’re encouraging stalkerish behaviour; perhaps it was just a quirk of their system. What I do know is that they would claim that their algorithm is simply a calculation of relevance and has no associated moral issues. To their mind, if my friend updates a setting that she shares with her friends there is no reason why she should be alarmed when her friends see it.

This means Facebook is effectively selling an automatic morality-agnostic data analysis service using your contacts’ lives as input. This bothers me.

At the end of the day this raises some questions. Do we really accept that all data we can access is data we should use unconditionally? If there are moral limits to the use of that data, who is responsible for enforcing those? We need to come up with some answers because it’s starting to get away from us.

Police Powers in the Workplaces (Protection from Protesters) Bill


Today the Tasmanian Liberals tabled a bill in parliament targeting protesters. Anyone who’s been awake sometime in the last few years will realise that this is just a new bit of the battle between the Liberals and the Greens. One side tries to keep the forestry industry chugging away while the other tries to prevent environmental damage using protests and pickets and the like. Expect to hear the usual disagreements in the news over the next week.

Even if you don’t care about any of those things it’s still worth sitting up and taking notice of this bill. It has some nasty bits. It would be a great shame if they were missed amongst all the partisan bickering.

In this respect it’s much like the Vicious Lawless Association Disestablishment Bill in Queensland – just because you don’t care about bikies doesn’t mean it’s a good idea, and it doesn’t necessarily mean that it won’t affect you.

Let’s have a look at Part 3 of the bill which concerns Police Powers. Section 11 part 1 reads:

A police officer who reasonably believes that a person has committed, is committing, or is about to commit, an offence against a provision of this Act may require the person –
(a) to state the person’s name and date of birth; and
(b) to state the address at which the person ordinarily resides; and
(c) to give to the officer any evidence of the person’s identity that the person has in his or her possession.

Furthermore, if the officer reasonably believes that you are not complying with part (c) they are allowed to search you.

“Reasonably believes” is an interesting wording. So is “about to commit”.

Suppose you are attending a peaceful and lawful protest. A police officer reckons that you’re going to impede business activities shortly and asks to see your identification. How are they supposed to know that? You feel that this is bullshit and say so. Would that kind of disagreement set you up for a frisking? It probably depends on who you are and what you’re protesting.

Perhaps identification isn’t a big deal to you. You’d be willing to do that if it means troublesome protesters can be rooted out and dealt with. Let’s read on to section 12 part 2:

A police officer may direct a person who is in a business access area in relation to business premises to leave the business access area without delay, if the police officer reasonably believes that the person has committed, is committing, or is about to commit, an offence, against a provision of this Act, on or in relation to –
(a) the business premises; or
(b) a business access area in relation to the business premises

Not only can you be asked for identification, but you can be forced to leave the protest area just because the police officer believes that you might commit an offence in the future. Is that likely to happen? It probably depends on who you are and what you’re protesting.

Also you have to stay out of the business for 4 days afterwards or you get a big fine.

This bill is highly problematic. You can be penalised for or prevented from doing nothing more than peaceful lawful protest if police discretion goes against you.

Normally it has to be proven beyond reasonable doubt that you committed a crime before you are penalised. That has been flipped around in this case. Why? Of course we make exceptions to this rule – if somebody is planning a mass-murder we don’t wait around for them to do it because we recognise that they’ll do massive irreparable damage. In this case we’re talking about impeding a bit of legitimate business. Is that worth inverting our usual process of justice for? Why not simply document evidence and charge people who protest unlawfully after the fact?

Furthermore, if the police are demanding IDs, searching people, and dispersing any unfavourable protest without any particularised or evidenced reason, how many people will say “no” and fight it in court? Not many. How many will show up to protest in the first place? Probably fewer. This has a chilling effect on any kind of protest but particularly those of minorities or those who disagree with the current government. If police are required to make important calls like these they can become the bad guys in the eyes of protesters. This is well worth avoiding.

Will this bill promote peaceful protest and deter unlawful protest? It probably depends on who you are and what you’re protesting.

Idiots on the hunt for hotties


So, about this idea of setting up a webpage where we share and compare photos of attractive students on our university campus. It’s not exactly an original one. By now just about everyone knows about Mark Zuckerberg’s early website for comparing the “hotness” of students, Facemash. He was nearly expelled from Harvard for it. A great shame he wasn’t.

The concept lives on, naturally enough, on Facebook. A search for “hotties university” will quickly bring up plenty of relevant results.

Today one appeared for my alma mater. Sigh.

Sexual empowerment is a feature of this day and age. If someone wants to put their own saucy photo online for all to see, good for them. If instead a creepy Facebook friend trawls through their friend-only photos for the most salacious then publishes them publicly along with personal details, is that empowering or disempowering? Let’s be honest, that “friend” is not doing them any favours.

To anybody with an ounce of common sense and a modicum of online experience, creating this kind of forum is a singularly bad idea. People will source photos from inappropriate places (not asking permission), pass horrid judgements on people’s appearance and generally make life hell for people who are deemed not to understand a bit of “harmless fun” when they see it.

I am fairly certain that the person who created the page means no harm. I’m sure the same applies to the majority of people who “like” it. They might well view it as a tongue-in-cheek celebration of the good-looking folk they pass in the corridors every day. Either that or as a sordid source of stimulation. I’ll never know and I sincerely hope not to.

For those who feel humiliated being held up as a sexual object—and for those who can’t help but take personally comments about how ugly they are—it’s a much more serious situation. And they have no control over it. At best they can try to laugh it off. The worst doesn’t need explaining. That’s what happens when you set these things up on a laissez-faire American social network.

It calls for ethical judgement from everybody involved. Just because you can “like” a Facebook page doesn’t mean that it’s the right thing to do. Just because you can post a photo of a fellow student without getting caught doesn’t mean that you should. It is an unfortunate reality that the least empathetic amongst us have the same opportunity to create and moderate a Facebook Page as anybody else.

I make a simple request: please don’t participate.

Just how much of a shock can you get from a MacBook charger?


Here in Australia I am fortunate that electrical devices usually have the metal parts earthed. I was therefore shocked, in both senses of the word, when I found out that the short plugs for MacBook power supplies don’t have an earth pin. Under the conditions of my living room using this short plug means that I get a nice tingle when I touch the metal case of the MacBook Air.

MacBook Charger Plugs

What’s more, it triggered my Fluke volt stick (something like this). Usually this is something I use at work to tell me that I shouldn’t touch a metal object because it has potentially lethal AC voltages—and this charger with the unearthed plug was setting it off. I was quite alarmed.

Likewise the effect has caused widespread consternation around the web. There are conspiracy theories of an Apple-orchestrated cover-up along with dubious bits of advice to reset various functions on your laptop or get your electrical outlets checked.

Amongst the noise I found some well-informed comments by a chap called Dave Heap, who claims extensive electrical experience and knowledge of Australian standards. He examined the charger and noted a surprisingly high voltage: “there is 120V AC 50Hz with respect to mains earth present at the case of the computer!”

Despite this scary-looking number he also determined that the maximum leakage current would be “around 0.2 mA … well below the specified limit of 1 mA.” In other words even if you grab onto your laptop and hold on, not very much is going to happen.

This left me wondering how much of a belt you can get from the laptop when you first touch it. It’s one thing to say that it can only push 0.2 milliamps continuously but what if it stores up a chunk of energy and delivers it to you in one hit?

I borrowed an oscilloscope and high impedance probe (thanks Tim!) and probed the metal tip of the unearthed charger, relative to mains earth. This gave me the steady state waveform below, ticking away at 50 Hz as you would expect.

Steady State charger waveform

It isn’t exactly the nice 120 VAC that Dave found—more like +120 to -220—and I won’t pretend to know why. Clearly though there is a high voltage present and that’s why my volt stick activated. The real question is how much oomph there is behind that voltage.

To test that I put a 385 kΩ resistor in parallel with my probe. This gives the charged energy somewhere to go. (Coincidentally, this is a similar resistance to a dry human.) I then touched the probe against the tip of the charger and measured the voltage as I did so. Here’s a nice example of the result:

Clear spike from macbook charger

Clearly the voltage starts out high and decreases exponentially. In other words, it looks exactly like a capacitor discharging energy.

I would be lying if I said the results were consistent. See below for a few samples. I tried it a number of times and picked the one I did as it was reasonably “big”. In this context, a big spike has a high starting voltage and stays high for a longer period of time. The conclusion to make here is that you’re not going to get exactly the same result every time you poke your laptop with your finger.

Various waveforms

If we mark on the voltages and times it’s straightforward to calculate the size of the capacitor we’re dealing with.

Waveform markings

In this case we have a time constant of 0.560 ms, giving us a capacitance of 1.45 nF. In the context of a power supply that’s pretty tiny. Another calculation shows that if such a capacitor is charged to 268 V it will contain a total energy of 52 µJ. That is another small number.

More interesting is the current that flows when you first touch it. With the 385 kΩ resistor the initial current will be 0.687 mA. If your hands are damp your resistance might be more like 60 kΩ, which will have an initial current of 4.5 mA.
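The capacitor calculation above, as an added example that is not part of the original post: it fits the time constant from cursor readings on the decaying spike, then derives the capacitance, stored energy and initial current. The readings are constructed to match the post's 268 V and 0.560 ms figures, and the function names are hypothetical.

```python
import math

# Constructed cursor readings (seconds, volts) along one discharge spike.
# They are NOT measurements from the post; they are chosen to be consistent
# with its stated 268 V starting voltage and 0.560 ms time constant.
CONSTRUCTED_READINGS = [
    (0.0e-3, 268.0),
    (0.2e-3, 187.5),
    (0.4e-3, 131.2),
    (0.6e-3, 91.8),
    (0.8e-3, 64.2),
    (1.0e-3, 44.9),
]


def fit_decay(samples):
    """Fit V(t) = V0 * exp(-t / tau) by least squares on ln(V) versus t.

    Returns (V0 in volts, tau in seconds). All voltages must be positive.
    """
    n = len(samples)
    ts = [t for t, _ in samples]
    ys = [math.log(v) for _, v in samples]
    t_mean = sum(ts) / n
    y_mean = sum(ys) / n
    slope = (sum((t - t_mean) * (y - y_mean) for t, y in zip(ts, ys))
             / sum((t - t_mean) ** 2 for t in ts))
    v0 = math.exp(y_mean - slope * t_mean)
    return v0, -1.0 / slope


def discharge_summary(samples, probe_resistance_ohm=385e3,
                      body_resistance_ohm=60e3):
    """Derive the quantities discussed in the post from one discharge spike.

    probe_resistance_ohm is the resistor the capacitor discharged through
    while the spike was recorded; body_resistance_ohm is the damp-hand
    resistance used for the initial-current estimate.
    """
    v0, tau = fit_decay(samples)
    capacitance = tau / probe_resistance_ohm       # tau = R * C
    energy = 0.5 * capacitance * v0 ** 2           # E = 1/2 * C * V^2
    initial_current = v0 / body_resistance_ohm     # I0 = V0 / R
    return {
        "v0_volts": v0,
        "tau_seconds": tau,
        "capacitance_farads": capacitance,
        "energy_joules": energy,
        "initial_current_amps": initial_current,
    }


if __name__ == "__main__":
    s = discharge_summary(CONSTRUCTED_READINGS)
    print(f"tau = {s['tau_seconds'] * 1e3:.3f} ms")
    print(f"C   = {s['capacitance_farads'] * 1e9:.2f} nF")
    print(f"E   = {s['energy_joules'] * 1e6:.1f} uJ")
    print(f"I0  = {s['initial_current_amps'] * 1e3:.2f} mA through 60 kOhm")
```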

So is it safe? I dare not make any conclusions of my own as I am hopelessly unqualified to do so. For the purpose of discussion though let’s pop these results against some numbers I found on the Internet:

Discharge energy: 0.052 mJ
Maximum static discharge from consumer products (IEC 60065 via Wikipedia): 350 mJ
Direct serious risk to human health (IEC 479-2:1987 via Wikipedia): 5000 mJ

Initial current: 4.5 mA
Minimum current that can be felt (AC) (via Wikipedia): 1 mA
Minimum current that can be felt (DC) (via Wikipedia): 5 mA
Minimum current to cause ventricular fibrillation (AC) (via Wikipedia): 30 mA

Copyright history isn’t all that rosy


EFA posted this on Facebook this evening:

efa_copyright

(linking to this article)

I get a little nervous about that kind of accusation. In his essay Misinterpreting Copyright, Richard Stallman argued persuasively that the role of copyright is a “bargain” in which the general public gives up their right to copy in exchange for more nice literature being created. It sounds wonderful but he starts with the same premise – that this bargain is fundamentally what copyright is about.

Indeed that might be true from the perspective of the United States. RMS quotes the Constitution…

[Congress shall have the power] to promote the Progress of Science and the useful Arts, by securing for limited Times to Authors and Inventors the exclusive Right to their respective Writings and Discoveries.

That sounds pretty good. And Fox Film Corp. v. Doyle, a 1932 case in the US Supreme Court:

The sole interest of the United States and the primary object in conferring the [copyright] monopoly lie in the general benefits derived by the public from the labors of authors.

If we go back a little further to when the concept of copyright originated in Britain we have a slightly less wonderful picture. The regulation of print started with the Licensing of the Press Act 1662. This was primarily censorship legislation. Every publication had to be registered with the private Stationers’ Company of London.

[It] is matter of Publique care and of great concernment especially considering that by the general licentiousnes of the late times many evil disposed persons have been encouraged to print and sell heretical schismatical blasphemous seditious and treasonable Bookes Pamphlets and Papers … endangering the peace of these Kingdomes and raising a disaffection to His most Excellent Majesty and His Government For prevention whereof no surer meanes can be advised then by reducing and limiting the number of Printing Presses (full text)

We got copyright more like we know it today with the Statute of Anne in 1710. This copyright was vested in the author of the work and it lasted for 14 years. Copyrighted works still had to be registered with the Stationers’ Company. This legislation was eventually passed because of complaints about the censorship monopoly of the Stationers’ Company and authors getting a raw deal. It is important to note that the masses were not screaming out for a bargain that would allow them to buy more cool books.

This legislation described as “a historic moment in the development of copyright” was in fact created to protect content creators.

When the copyrights granted to works published before the Statute began to expire in 1731, the Stationers’ Company and their publishers again began to fight to preserve the status quo. Their first port of call was Parliament, where they lobbied for new legislation to extend the length of copyright, and when this failed, they turned to the courts.

That is, publisher monopolies have been trying to extend the copyright period since before the US Constitution was even drafted. Hooray.

I really like the idea of copyright as a bargain. Stallman’s essay is a great explanation of the idea. I think we’re kidding ourselves though if we think that it was like this in the “good old days”.

NSA Phone Metadata Collection: constitutional or not?


If you’ve been following the news headlines recently you could be forgiven for being a little confused. A couple of weeks ago: NSA phone surveillance program likely unconstitutional, judge rules. Then a couple of days ago: NSA phone records spying is constitutional, judge says. They are two separate cases although they cover very similar things.

The first is Klayman v. Obama. The plaintiffs are seeking a preliminary injunction preventing the Government from collecting their phone records and to delete past records. Judge Richard Leon did not uphold all aspects of the complaint but has granted this injunction on Fourth Amendment grounds. He has stayed his order pending appeal. I discussed some interesting parts of this ruling in a previous post. (Ruling PDF)

The second is ACLU v. Clapper. The plaintiffs are seeking a preliminary injunction preventing the Government performing future mass collection of phone records or using any queries associated with the plaintiffs. Judge William Pauley has dismissed essentially all arguments supporting this complaint, which were based on statutes and the First and Fourth Amendments. (Ruling PDF)

Obviously the two courts have some disagreements. Here are some of the main ones.

Smith v. Maryland

Both rulings consider Smith v. Maryland closely and this is probably the most important difference as it goes to the heart of whether the NSA’s program violates the Fourth Amendment (hence the dramatic headlines). To recap, without a warrant, police placed a pen register on Smith’s phone line to record what numbers he dialled. Back in 1979 the Supreme Court found that this did not amount to a search as defined by the Fourth Amendment so this surveillance did not impinge on constitutional rights. The argument came down to reasonableness—Smith’s reasonable expectation of privacy did not extend to the numbers that he dialled because he knowingly and voluntarily transmitted them to the phone company.

Leon refused to be bound by this precedent on the grounds that circumstances are substantially different—particularly the enormous quantities and indiscriminate nature of the NSA’s collection, the amount of historical data kept (five years), modern analysis to gain insights into people’s lives using the data, the changed relationships between governments and telecommunications companies, and the changed relationships between people and their phones.

Pauley ruled that Smith applies because the important factors have not changed. He states that “While people may ‘have an entirely different relationship with telephones than they did thirty-four years ago,’ [citing Klayman] this Court observes that their relationship with their telecommunications providers has not changed…” Because the kinds of data being collected now—phone numbers, time of call, duration of call, IMSI, IMEI, etc.—are not substantially different from the data recorded by the pen register, Pauley argues that the collection is much the same thing: “The collection of breathtaking amounts of information unprotected by the Fourth Amendment does not transform that sweep into a Fourth Amendment search.”

Pauley also adds that “the business records created by Verizon are not ‘Plaintiffs’ call records’”. He stands by the Smith conclusion that you forfeit the right to privacy for records that you voluntarily provide to your phone company. In one footnote he describes many examples from case law in which the individual surrenders their reasonable expectation of privacy, such as bank records, information given to an accountant, information given to a confidant, information given to a false friend, subscriber information given to an ISP and information from a home computer that is transmitted over the Internet.

Reasonableness of search

Leon ruled that the “plaintiffs have a significant expectation of privacy in an aggregated collection of their telephony metadata covering the last five years”. He then balanced this against the Government’s need for the data to maintain national security. He was not satisfied by the Government’s evidence that they needed the bulk telephony data to solve any problems that they would have been unable to solve otherwise. Thus he ruled that on balance the reasonableness tipped in favour of the privacy rights of the individual.

Pauley ruled that the plaintiffs had no reasonable expectation of privacy and also upheld the Government’s need for the data. He summarised three cases in which the telephony data explicitly assisted with counterterrorism investigations. He accepts that the Government is collecting virtually all telephone records in the United States and defends this: “without all the data points, the Government cannot be certain it connected the pertinent ones…all telephony data is ‘necessary’ to permit the NSA…to do the algorithmic data analysis to determine ‘connections between known and unknown international terrorist operatives.’”

Pauley rejects the ACLU’s claims that the quantity of data collected, particularly of irrelevant innocent people, reflects poorly on the collection program. He explains that courts routinely subpoena enormous amounts of data, only a small amount of which is relevant for a case and rules that this type of data collection is the same sort of thing as a grand jury subpoena. If there were other bits of metadata being included that were truly unnecessary then this argument might have traction but he is satisfied that all of the metadata currently being collected is relevant.

Compliance and oversight

Leon presented a negative picture of the Government’s compliance with FISC orders to minimise the amount of data they queried. “Judge Reggie Walton of the FISC concluded that the NSA had engaged in ‘systematic noncompliance’ with FISC-ordered minimization procedures… As a consequence, Judge Walton concluded that he had no confidence that the Government was doing its utmost to comply with the court’s orders…”.

Pauley’s view was a much more positive one. He made particular note of the iterative and consultative processes that occurred between the Government and the FISC to ensure that their activities under section 215 of the PATRIOT Act would be approved. “The iterative process Judge Bates describes is routine and demonstrates the FISC does not ‘rubberstamp’ applications for section 215 orders.” He paints a happy picture of the NSA reporting its own noncompliances on several occasions and then working with the FISC to implement remedial measures and ensure future compliance.

Pauley does note that the FISC is inherently less effective because of its ex parte nature (that is, there is no representative of “an American citizen” to argue against the government): “Its ex parte procedures are necessary to retain secrecy but are not ideal for interpreting statutes. This case shows how FISC decisions may affect every American—and perhaps, their interests should have a voice in the FISC.”

Queries and the three hops rule

Leon understands fully the quantities of data that can be received from a single query when you apply the three-hops-from-seed rule—he discusses how a single query could return records for potentially millions of numbers or more, depending on whether a pizza shop is included. This could allow the NSA to retrieve enormous amounts of data from the database even with only 300 authorised search terms in a year. He disregards the claim that the records returned by queries are “a very small percentage of the total volume of metadata records”, simply on the grounds that the total volume is probably extremely large.

Pauley rules that the controls on the NSA’s access to the database are appropriate. He is satisfied that the database is only being accessed lawfully: “First, without additional legal justification…the NSA cannot even query the telephony metadata database.” He views the three hops rule as a useful restriction: “Second, when it makes a query, it only learns the telephony data of the telephone numbers within three ‘hops’ of the ‘seed’.” He also considers the impact of this particular program in isolation: “Third, without resorting to additional techniques, the Government does not know who any of the telephone numbers belong to. In other words, all the Government sees is that telephone number A called telephone number B”.

I would add a couple of points of my own here. Ultimately we would like to reconcile the potentially enormous amounts of data under the three-hop rule with the Government’s claim that only a “small percentage” of the data is returned in queries. It makes a big difference if a “very small percentage” is 0.1% or 10%, and whether this percentage is spread out evenly geographically and demographically. Because of this uncertainty I take this claim with a hefty grain of salt.
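To make the scale question concrete, here is an added example (not from either ruling or the original post) that runs a three-hop contact-chaining query over a constructed call-record set, with and without a high-volume number such as the pizza shop. All records, names and sizes are made up for illustration, and direction of the call is ignored when chaining, which is an assumption.

```python
from collections import defaultdict, deque


def build_contact_graph(call_records):
    """Build an undirected adjacency map from (caller, callee) pairs."""
    graph = defaultdict(set)
    for caller, callee in call_records:
        graph[caller].add(callee)
        graph[callee].add(caller)
    return graph


def within_hops(graph, seed, max_hops=3):
    """Breadth-first search: {number: hop distance} for every number
    reachable from the seed in at most max_hops calls (seed excluded)."""
    dist = {seed: 0}
    queue = deque([seed])
    while queue:
        number = queue.popleft()
        if dist[number] == max_hops:
            continue  # do not expand beyond the hop limit
        for neighbour in graph.get(number, ()):
            if neighbour not in dist:
                dist[neighbour] = dist[number] + 1
                queue.append(neighbour)
    del dist[seed]
    return dist


def constructed_records(fanout=3, pizza_customers=1000,
                        unrelated_pairs=10000, include_pizza_shop=True):
    """Constructed sample data: a small tree of private contacts around the
    seed, many unrelated subscriber pairs, and optionally one pizza shop
    that a first-hop contact and many other customers have called."""
    records = []
    level = ["seed"]
    for _ in range(3):
        next_level = []
        for parent in level:
            for i in range(fanout):
                child = f"{parent}/{i}"
                records.append((parent, child))
                next_level.append(child)
        level = next_level
    records += [(f"x-{n}a", f"x-{n}b") for n in range(unrelated_pairs)]
    if include_pizza_shop:
        records.append(("seed/0", "pizza-shop"))
        records += [(f"customer-{n}", "pizza-shop")
                    for n in range(pizza_customers)]
    return records


def reach_by_hop(records, seed="seed", max_hops=3):
    """Count how many numbers a query returns at each hop distance."""
    dist = within_hops(build_contact_graph(records), seed, max_hops)
    counts = {hop: 0 for hop in range(1, max_hops + 1)}
    for hop in dist.values():
        counts[hop] += 1
    return counts


def share_of_database(records, seed="seed", max_hops=3):
    """Fraction of all numbers in the record set returned by one query."""
    graph = build_contact_graph(records)
    return len(within_hops(graph, seed, max_hops)) / len(graph)


if __name__ == "__main__":
    for with_hub in (False, True):
        recs = constructed_records(include_pizza_shop=with_hub)
        print("pizza shop included:", with_hub,
              reach_by_hop(recs),
              f"{share_of_database(recs):.2%} of numbers")
```

In this constructed data a single shared business number moves one query from about 0.2% to about 5% of all numbers on record, which is the gap between the two readings of a "very small percentage".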

Pauley’s claim that the government does not know the names of phone account holders is completely disingenuous. It has already been reported from the Snowden leaks that the NSA is collecting enormous numbers of electronic address books. What else is it going to use these for, other than to match up names, phone numbers and email addresses with superb accuracy?

Conclusion

For those of us hoping the courts would find that the NSA has crossed the line, Judge Pauley’s ruling is sobering. Although I think he relies on some misconceptions, he puts up some convincing arguments that this type of metadata collection may well be constitutional despite its enormous scope.

Perhaps the case will go to the US Supreme Court and it will rule that mass telephony data collection is constitutional. In this case it is important to remember that just because an activity is lawful does not mean that it is the best solution to a problem. It simply means that changes will need to be directed by legislation via Congress rather than the courts.

What’s more, these are lawsuits based on the very first of the Snowden leaks—the order forcing Verizon to hand over phone records on an ongoing daily basis. It could well be that other parts of the NSA’s conduct are unconstitutional. They are not being tried in these cases.

Highlights from Judge Leon’s ruling on phone metadata collection


Judge Richard Leon delivered a pretty severe smackdown to the NSA last week. He has ruled in favour of granting a preliminary injunction to Larry Klayman and Charles Strange to prevent the US federal government from collecting any of their phone record metadata, and to force the government to delete any existing records concerning them. He believes that the plaintiffs have a reasonable chance of successfully arguing that the bulk collection and analysis is unconstitutional under the Fourth Amendment.

Leon’s 68-page memorandum opinion is fascinating (if somewhat heavy) reading. The plaintiffs’ arguments fall short in some ways but he has used the Government’s own defence to plug those gaps. He explicitly rejects some of the traditional arguments used to justify this type of collection. He presents some interesting background describing NSA’s inability to comply with regulations, which was only declassified post-Snowden. The case also provides some insights into the ways that the US Government defends its programs.

Ignoring the more procedural and US-centric parts, here are some parts I found most interesting.

Collecting enormous amounts of data with the three-hop rule (p17)

The Foreign Intelligence Surveillance Court (FISC) orders specify that metadata records can only be accessed for counter-terrorism purposes. There has to be a “reasonable, articulable suspicion” (RAS) that the search term is associated with a foreign terrorist organisation. These terms have to be approved by one of a number of (non-judicial) officers before they can be used. It is claimed that fewer than 300 unique identifiers met this standard in 2012.

For each of these terms, query results are limited to three hops away from the starting point. This means if they search for a phone number of a suspect they will receive:

  1. For that suspect, records of all incoming and outgoing phone calls in the last five years
  2. For all the suspect’s contacts, records of all their incoming and outgoing phone calls in the last five years
  3. For all the suspect’s contacts’ contacts, records of all their incoming and outgoing phone calls in the last five years

Leon does some very rough maths to suggest that if each person has 100 contacts over the last five years, a single query will return records for perhaps one million numbers (assuming no overlap). He also suggests that if the suspect has called a local pizza shop, suddenly the second and third hops will cover incredible numbers of people. Furthermore, once a search term is authorised they can use it again and again to obtain new data.
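To see how much the pizza shop changes the result, here is an added example (not from the original post or from the ruling) that counts the numbers within three hops of a seed in a constructed call graph. The graph builder, the fan-out of 10 and the 500-customer hub are assumptions chosen to keep the run small, and hops are counted as call-graph distance from the seed.

```python
from collections import deque
from itertools import count


def within_hops(graph, seed, hops):
    """Return {number: distance} for every number at most `hops` calls from seed."""
    dist = {seed: 0}
    queue = deque([seed])
    while queue:
        number = queue.popleft()
        if dist[number] == hops:
            continue  # never expand past the hop limit
        for contact in graph.get(number, ()):
            if contact not in dist:
                dist[contact] = dist[number] + 1
                queue.append(contact)
    return dist


def add_call(graph, a, b):
    """Record that a and b appear together in at least one call record."""
    graph.setdefault(a, set()).add(b)
    graph.setdefault(b, set()).add(a)


def grow_contacts(graph, root, fanout, depth, ids):
    """Give `root` `fanout` fresh contacts, recursively, with no overlap."""
    if depth == 0:
        return
    for _ in range(fanout):
        contact = next(ids)
        add_call(graph, root, contact)
        grow_contacts(graph, contact, fanout, depth - 1, ids)


def build_graph(fanout, hub_customers=0):
    """Constructed graph: a seed whose contacts fan out without overlap,
    plus an optional hub (the 'pizza shop') that the seed has called."""
    graph, ids, seed = {}, count(1), 0
    grow_contacts(graph, seed, fanout, 3, ids)
    if hub_customers:
        hub = next(ids)
        add_call(graph, seed, hub)
        for _ in range(hub_customers):
            customer = next(ids)
            add_call(graph, hub, customer)
            grow_contacts(graph, customer, fanout, 1, ids)
    return graph, seed


def reach(fanout, hub_customers=0):
    """Numbers (excluding the seed) swept in by one three-hop query."""
    graph, seed = build_graph(fanout, hub_customers)
    return len(within_hops(graph, seed, 3)) - 1


if __name__ == "__main__":
    print("no hub:        ", reach(10))
    print("one pizza shop:", reach(10, 500))
```

With no shared contacts the third hop alone holds fanout³ numbers, which is the shape of Leon's 100 × 100 × 100 estimate. In this small graph a single call to the hub raises the total from 1,110 numbers to 6,611.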

Once they have this enormous block of data they are free to place it in an unrestricted database which they can query without specific justification. It seems to me that if they choose their numbers carefully they could “incidentally” capture the phone records of pretty much everybody in the United States.

Non-compliance with restrictions on querying metadata (p21)

To make matters worse the NSA does not even comply with the rules. Leon quotes a report by a FISC judge in 2009. This report was only declassified by the Obama administration after the backlash following the Snowden leaks.

The Government has nonetheless acknowledged, as it must, that failures to comply with the minimization procedures set forth in the orders have occurred. For instance, in January 2009, the Government reported to the FISC that the NSA had improperly used an “alert list” of identifiers to search the bulk telephony metadata, which was composed of identifiers that had not been approved under the RAS standard… After reviewing the Government’s reports on its noncompliance, Judge Reggie Walton of the FISC concluded that the NSA had engaged in “systematic noncompliance” with FISC-ordered minimization procedures over the preceding three years, since the inception of the Bulk Telephony Metadata Program, and had also repeatedly made misrepresentations and inaccurate statements about the program to the FISC judges.

So the NSA lies not only to Congress, but also to the secret courts. Marvellous.

Every phone customer has a reasonable expectation that their privacy is being violated (p38)

At the preliminary injunction hearing the plaintiffs were asked if they had any “basis to believe that the NSA has done any queries” involving their phone numbers. Their response was inadequate – Mr Klayman had been experiencing strange behaviour with sent and received messages but the court found that this held no bearing on whether the NSA had analysed his phone metadata. In spite of this Leon stated:

The Government, however, describes the advantages of bulk collection in such a way as to convince me that plaintiffs’ metadata—indeed, everyone’s metadata—is analyzed, manually or automatically, whenever the Government runs a query using as the “seed” of a phone number or identifier associated with a phone for which the NSA has not collected metadata

This is based on the idea that your records are searched every time the government uses a foreign phone number as a starting point. Leon refers to a government declaration stating that if they have the phone number of an al Qaeda safe house in Yemen, they would be able to use the metadata to find people who had contact with that number. Leon argues that since the government would not have access to the Yemeni records, they would be required to search all of the US customer data in order to find those people who had called the foreign number. This would constitute a search of every US citizen whose data they possessed.

To me this seems like a very important finding – that having your data queried for a term, even if it comes up negative, counts as a Fourth Amendment search.

Distinguishing between opaque and transparent data (p41 footnote)

In its response the government referred to a previous case (Horton v. California) concerning whether seizure of a container amounted to a search of it. They claimed that acquiring an item without examining its contents (i.e., collecting metadata without subjecting it to a query) “does not compromise the interest in preserving the privacy of its contents”. Leon specifically rejects this similarity:

Horton involved the seizure of tangible items under the plain view doctrine… In the case of the bulk telephony metadata collection, there is no analogous “container” that remains sealed; rather, all of the metadata is handled by the Government, at least to the degree needed to integrate the metadata into the NSA’s database…

Telephony data is not kept in an unmolested, opaque package that obscures it from the Government’s view.

I find this interesting because it leaves open the possibility of collecting either encrypted data or data which is never processed or analysed in any way. The fact that the data from each provider must be processed to match their metadata database seems to be an important factor in his decision.

Rejecting the Smith case that you have no reasonable expectation of privacy for numbers dialled (p44)

Leon describes a famous case, Smith v. Maryland (1979), in which police put a pen register on Smith’s telephone line without a warrant, allowing them to monitor which numbers were dialled over a period of days.

The Supreme Court held that Smith had no reasonable expectation of privacy in the numbers dialed from his phone because he voluntarily transmitted them to his phone company, and because it is generally known that phone companies keep such information in their business records. The main thrust of the Government’s argument here is that under Smith, no one has an expectation of privacy, let alone a reasonable one, in the telephony metadata that telecom companies hold as business records; therefore, the Bulk Telephony Metadata Program is not a search. I disagree.

He then launches into a long and passionate argument as to why this case is substantially different in many ways. These reasons include the number of phones in use, the way we use our phones now, ongoing vs targeted collection and changes in society’s reasonable expectation of privacy. None of these are unfamiliar but it is great to see a judge putting them forward as serious considerations.

The phone metadata has not been shown to be useful (p61)

Leon says that the searches are likely to be found unreasonable because the government is not able to demonstrate that they are actually useful. The main argument they presented in favour of the bulk collection was the speed with which they were able to respond to emergent threats.

Yet, turning to the efficacy prong, the Government does not cite a single instance in which analysis of the NSA’s bulk metadata collection actually stopped an imminent attack, or otherwise aided the Government in achieving any objective that was time-sensitive in nature.

Conclusion

In this opinion Judge Leon strode boldly into the key issues that we’re facing today – what is legal and illegal collection of metadata, and what is it that ordinary people would find reasonable? It is of immense help to the plaintiffs that they have the Fourth Amendment to lean upon, a benefit we lack here in Australia. We should observe the case closely, both for its eventual outcomes and also the arguments put forward by both sides in the inevitable appeal.

Twitter Blocks: Aspirations vs Reality


Today we witnessed all the excitement of Twitter’s brief-lasting new blocking policy. They changed blocking so that instead of making someone unable to see your tweets, you simply couldn’t see any of theirs.

There’s a trade-off to be made here and in my opinion they ultimately made the right decision by reverting to the original behaviour. On one hand, the existing system was a useful tool for deterring low-level harassers. On the other, Twitter was concerned about retaliatory behaviour when a user blocks someone. Judging by the resulting furore, the former was more important than the latter so they changed it back. A happy ending.

A great many harsh things were tweeted today that aren’t really fair. From one side there were claims that this is what happens when straight white male programmers who’ve never been harassed online make decisions about cyber-safety. On the other side there was the patronising black and white assumption that because most people’s tweets are public anyway the blocking doesn’t make any difference.

The remarkable aspect to me is how deeply Twitter users care about this change. To me there does not seem to be an enormous difference between the proposed and existing blocking systems. It almost doesn’t fall in the category of cyber-safety – the kind of people who are not merely annoying but are actually going to threaten your safety won’t be significantly deterred by a block. Then again, I am very used to blocking-by-ignoring. It has long been the traditional way to deal with annoying people online. Only more recently with services like Facebook and Steam have people come to have identifiable accounts that cannot be simply discarded, making punishment more effective.

I think that those who are finding themselves really angry about this kind of change need to reconsider whether they should use Twitter. Yes I am advocating blaming the victim here. I think they have possibly strayed outside their social media comfort zone.

On the face of it this is absurd. Why should you be forced off a popular Internet service or forced to make your profile private because some other person wants to make your life difficult or stalk or harass you? Obviously it’s not your fault and the harassers should be held to account as much as possible. The “as much as possible” is where it gets tricky.

“Social media” (to use the term very loosely) can be put on a rough scale. Toward one end we have rough-and-tumble anything-goes completely-anonymous completely-public discussion with minimal oversight. 4chan’s /b/ is pretty much the epitome of this. On the opposite end we have something like Facebook. You need to surrender your real name, email address and phone number to sign up. You are locked in to your particular account by the network of friendships you need to see posts. Facebook puts a lot of effort into moderating content. You can report users for harassment and Facebook staff have the tools, capability and desire to do something about it.

[Figure: social media comparison scale]

Twitter is interesting because it is both incredibly popular and significantly closer to the 4chan end of the scale. You only need an email address to create an account. Anybody can get a throwaway email address. This is why Twitter has such difficulties with spam.

The important point is this: each of these services was specifically designed to occupy that spot on the scale.

Facebook is designed to be a tightly networked safe space with accounts tied very closely to real people. /b/ is designed to be the wild west. Twitter is designed to be somewhere in the middle where anybody with an email address can sign up, follow whomever they like without permission, and tweet at anybody they like.

We are free to criticise the policy decisions that these services make. We still need to keep in mind their context and what it is we signed up for.

If you post a picture of yourself on /b/ and suffer harassment (pretty much inevitable) any attempt to get help from a moderator would only open you up to further ridicule. Similarly if you posted pornographic content on Facebook you’re not going to get very far saying “it’s a free internet and I’m an adult”. You’d be smacked down with the terms of service.

So it is fairly clear that things get rougher the further you move to the left. Twitter provides much less control than other social media. The real question is: what do we do about it?

It would be really nice to say “Nobody should have to suffer harassment on the Internet no matter which service they use”. There are two ways we can do this. The first is to achieve world peace and happiness and create great global educational programs that teach all kids from a young age to be respectful online. The second is to eliminate sites like 4chan from the internet and put much stronger controls on sites like Twitter; in other words, make it so that the only services that exist are the ones at the right-hand side of the scale.

The world peace idea is obviously a work in progress and unlikely to be completed any time soon. Some people have had a go at the second by proposing internet filtering schemes, licences to use the internet, banning encryption and so on. Unfortunately these things damage freedom of speech, freedom of association, democracy and whistleblowing to counter corruption and abuse of power. So I don’t want to do that either.

In the end we’re simply left with taking some personal responsibility for choosing services that match our values and desires. Is this victim-blaming? Yes. Is it always this rigid? No.

Social networks can and will respond to market forces. Twitter did exactly that today. If they didn’t, a competitor would spring up that provides the most popular balance. But they didn’t really have to shift that far.

At the end of the day, Twitter is what it is. It’s never going to be a utopia of people who are always respectful. In fact, it was clearly never designed to be one.

Why the ORP1 isn’t raising any money


The ORP1 is a gadget to provide Torified internet access and VPN access to a home network. They’re hoping to achieve $200k of funding with Indiegogo to get into a manufacturing run.

They’re not getting much money. Why? Because Australians still don’t give a toss what their intelligence agencies do. Most of them have never heard of open source.

I don’t wish to get on my moral high-horse here. Australians genuinely have lots of very important shit to worry about that doesn’t involve PRISM and fibre-optic taps and DSD collaboration and whatnot. There is a segment of the community (myself included) who feels differently but we are reasonably detached. The ORP is just another example of that.

I put the ORP in the same category as CryptoParties. These would be extremely popular in some fictional world where people are scared of their government, worried that they’re living under some new-age Stasi and need the geeks to save them.

It just isn’t true. If you go outside the Twitter and Reddit bubbles and talk to some ordinary people about these leaks and revelations they simply don’t care. They’re probably not going to care until something clearly unfair happens to someone due to over-zealous metadata collection or the like.

  1. This is not anybody’s fault.
  2. The onus is on us to constructively argue why things will be different from the way they are now.
  3. The time is not yet here for products or services that rely on Australians feeling intimidated into not doing certain things on the internet.

For what it’s worth, the ORP1 looks like a cool bit of gear in a similar vein to what the FreedomBox project hopes to produce.

As a community who cares about the privacy of individuals online, we need to be focusing our efforts on raising awareness about the dangers. When the zeitgeist arrives, then products like the ORP1 will shine.