Privacy Not Included

Mozilla has put together a guide to some popular internet-connected home technologies, including children’s toys, with descriptions of the extent to which these devices could be used to spy on you or your family.

Voice-controlled computing that could benevolently observe you and track your location looked so neat on Star Trek; now that it’s actually here, I don’t think I want it in my house…

Apple iOS 10 Voicemail Transcription

I don’t actually use my phone a whole lot for placing telephone calls. After getting an iPhone 7 about a month ago, this morning I received my first voicemail message on iOS 10. I was surprised to find the voicemail message audio auto-transcribed to text, and transcribed very well at that.

While this is an obviously useful technology, I presumed that the voicemail had been processed remotely by Apple at some server farm, as most current hip artificial intelligence applications run on servers rather than on clients or local computers, and that this was yet another affront to individual privacy.

Happily, I was mistaken. According to an Apple support article on using iOS 10 voicemail transcription, all transcription is done locally on the iPhone itself. If a transcription was done poorly, you can optionally send it to Apple so that they can improve the transcription system, but otherwise, it appears that the transcribed text is in fact private to your phone!

Keys Under Doormats

Dovetailing into last week’s musings about the need for computer science education as part of the standard school curriculum, a group of researchers at and around MIT has published a new report on the topic of law enforcement’s need for access to private (personal or corporate) data. While this need may be valid, how to implement it in an acceptable way is not necessarily obvious, and lawmakers need to think through a number of important questions.

One particularly interesting passage, highlighting the value of understanding computer science in the public sphere:

With people’s lives and liberties increasingly online, the question of whether to support law enforcement demands for guaranteed access to private information has a special urgency, and must be evaluated with clarity. From a public policy perspective, there is an argument for giving law enforcement the best possible tools to investigate crime, subject to due process and the rule of law. But a careful scientific analysis of the likely impact of such demands must distinguish what might be desirable from what is technically possible. In this regard, a proposal to regulate encryption and guarantee law enforcement access centrally feels rather like a proposal to require that all airplanes can be controlled from the ground. While this might be desirable in the case of a hijacking or a suicidal pilot, a clear-eyed assessment of how one could design such a capability reveals enormous technical and operational complexity, international scope, large costs, and massive risks — so much so that such proposals, though occasionally made, are not really taken seriously.

We have shown that current law enforcement demands for exceptional access would likely entail very substantial security risks, engineering costs, and collateral damage. If policy-makers believe it is still necessary to consider exceptional access mandates, there are technical, operational, and legal questions that must be answered in detail before legislation is drafted.

Legislators need to understand technical topics related to information security and privacy in order to write and vote on legislation in a rational way. Citizen constituents need to understand these same topics in order to do their part in voicing their opinions to their representatives and in voting them into or out of office.

More: read the report.

Book Review: Privacy on the Line

I just finished reading Privacy on the Line: The Politics of Wiretapping and Encryption. With all of the information being revealed and confirmed recently about United States government surveillance on personal communications, I wanted to be more educated on the issues.

Going about our day-to-day lives, how much privacy do we really have? The authors explain:

From video cameras that record our entries into shops and buildings to supermarket checkout tapes that list every container of milk and package of cigarettes we buy, privacy is elusive in modern society. There are records of what we do, with whom we associate, where we go. Insurance companies know who our spouses are, how many children we have, how often we have our teeth cleaned. The increasing amount of transactional information — the electronic record of when you left the parking lot, the supermarket’s record of your purchase — leaves a very large public footprint, and presents a far more detailed portrait of the individual than those recorded at any time in the past. Furthermore, information about individuals is no longer under control of the person to whom the information pertains; such loss of control is a loss of privacy.

What about U.S. government surveillance? The authors provide chapters of fascinating details, including:

Beginning in 1940 and continuing until 1973, FBI and CIA agents read the private mail of thousands of citizens. … Without warrants and without congressional or clear presidential authority, intelligence agents opened and perused the mail of private citizens, senators, congressmen, journalists, businessmen, and even a presidential candidate.

Numerous other examples include the FBI’s excessive surveillance of Martin Luther King, Jr., authorized wiretaps being left activated beyond their official period of use, the FBI seeking information on who has borrowed unclassified scientific and technological books from public libraries for the purpose of identifying possible Russian spies, and more. In some cases, the FBI admitted that their surveillance tactics exceeded legal limits; in other cases, evidence against the FBI magically disappeared. Either way, it appears that if government agents wish to violate the law when it comes to surveillance, there is little (if any) actual oversight of their actions.

While government surveillance has been expanding by leaps and bounds, the authors make the case that not only is the huge amount of surveillance not commensurate with the relatively small amount of criminal or violent activity that it helps prevent, but even in situations where surveillance has been credited with helping to prevent undesirable outcomes, the surveillance tactics may not have been necessary.

It is important to apply common sense to the issue of terrorist investigations and to think clearly about which acts can be prevented and which cannot (Heymann 1998, pp. xxi-xxiii). Timothy McVeigh’s attack on the federal office building in Oklahoma City was the work of a group of three people. … Unless the United States moves to a surveillance society on the scale of the former East Germany, the country will never be able to protect itself fully against attacks by “lone warriors” such as McVeigh.

To be clear, the authors do not claim that surveillance is useless against criminal or terrorist behavior; rather, it is of limited usefulness, and we need to appropriately balance legitimate surveillance needs with the privacy of the citizens.

On a more practical level, should we use encryption to protect the privacy of our emails and other communications? The authors seem generally in favor of it, but also warn us that:

One strategy followed by many pieces of intercept equipment should be a caution to anyone using cryptography: if an intercepted message is found to be encrypted, it is automatically recorded.

Since most emails are presently not encrypted, the very act of encrypting yours may draw attention to yourself. But at the same time,

as the use of cryptography increases, the privacy of everyone’s traffic benefits.

In light of the recent disclosures about the NSA’s methods of circumventing encryption, the book’s concluding chapter offers some especially interesting thoughts:

By building the machinery for surveillance into the US communication system, we overcome the largest barrier to becoming a surveillance society on a possibly unprecedented scale.

Once past that barrier (a place we may already have arrived at), it is much easier for laws and policies to fall into place in accordance with what is technologically possible.

This book is tightly packed with well-sourced information; I’ve only hit a few highlights here. It is available both in printed form and for Amazon Kindle, but if you don’t want the NSA to know that you bought this book, and if you don’t want Amazon to know how you read it, you might want to pay cash at the MIT Press Bookstore in Cambridge…