Thursday, September 30, 2004

Telefonüberwachung: Rot-Grün legt Abhör-Gesetz auf Eis

"Ursprünglich wollten SPD und Grüne heute das Gesetz zur Überwachung von Telefondaten verlängern. Doch das Vorhaben wurde kurzfristig zurückgestellt, weil sich die Koalitionäre nicht über eine Evaluierungsklausel einigen konnten. Dabei eilt das Vorhaben - denn Ende des Jahres läuft das Gesetz aus. "

The German red-green government has postponed a renewal for collecting data about telephone connections, because they are at odds about an evaluation procedure.
If they fail to reach an agreement, the respective law will lapse at the end of the year. The Greens insist on having an evaluation clause in the new bill since it is a "substantive infringement on fundamental rights".
The fact that this comes a few days before the Green party convention may be of interest -- they are expected to take issue there with the hard-line policies of Home Secretary Otto Schily. He is now a Social Democrat, but was a prominent member of the Green Party until he left the party in anger in late 1989...

Wednesday, September 29, 2004

Flight Passenger Data -- and the problem of "mission creep"

As I wrote in an earlier post, one of the core problems with privacy -- given today's technological possibilities -- is that once the data have been collected they will invariably give rise to temptations. Ever new purposes how the data could be used will be found.
Thanks to the people at the Electronic Privacy Information Center there is now firm proof that the data collection for CAPPS II was subject to exactly this sort of "mission creep" -- a slow shifting of the goals that are to be accomplished with the program.

As the New York Times summarizes it (19.9.2004, p. 35):
"But what began as a program intended to focus narrowly on terrorism in air travel expanded greatly as it developed. The agency developed a series of 'Privacy Impact Assessments' for Capps 2 as required by federal law. These assessments are the documents that the privacy center obtained. The first draft of the privacy assessment stated the purpose of the program in one concise paragraph, saying that Capps 2 information 'may be disclosed to federal, state, local and international law enforcement officials who have jurisdiction over the airframe and/or the individual who is a known or suspected foreign territorial or who is a threat to aviation safety, civil aviation or national security.'
By the third draft, in July 2003, there were 15 paragraphs, saying the system could be used in other cases of violent crime by 'appropriate federal, state, local, international, or foreign agencies or authorities.' The third version of the privacy statement also included contractors, consultants, 'other federal agencies conducting litigation, as well as the General Services Administration and the National Archives.' The expansion of the program's mission has been reflected in public statements by Homeland Security officials, as well."

The new "Secure Flight" program is, according to the Transportation Security Administration, not to be subject to such a development. Surely EPIC will have made a mental bookmark to check on that some time in the future...

(The complete text of the NYT article can be found here. The CAPPS II privacy assessments obtained by EPIC under the Freedom of Information Act are here, here and here).

Tuesday, September 28, 2004

USA nimmt Fingerabdrücke von deutschen Reisenden

Aus der Financial Times Deutschland:
"Die USA haben die Ausnahmeregelung für Einreisende aus Deutschland und 26 anderen Ländern zurückgenommen, auch sie müssen ab Oktober Fingerabdrücke und Fotos abgeben. Trotzdem seien die Reisenden weiterhin willkommen.
Ab Oktober müssen auch deutsche Reisende ihre Fingerabdrücke abgeben, wenn sie in die USA einreisen
Die neuen Einreise-Vorschriften in die USA werden ab Donnerstag gelten. Darauf verwies der Staatssekretär im Heimatschutzministerium, Asa Hutchinson, am Montag (Ortszeit) in Washington. Betroffen sind rund 13 Millionen Reisende im Jahr.
Grenzbeamte machen ein Foto und nehmen Fingerabdrücke ab. Die Bilder werden mit Datenbanken abgeglichen, in denen Verbrecher und mutmaßliche Terroristen gespeichert sind. Die neuen Einreisebestimmungen gelten bereits seit Anfang des Jahres, doch waren Reisende aus den 27 Ländern, die kein US-Visum beantragen müssen, bislang ausgenommen. Diese Ausnahmeregelung wird mit dem 30. September gestrichen."

The question is obviously: what happens to all these data? And: will this be effective? Imagine an error quota of a mere 1% (probably far too low) -- that means that no less than 100 000 people will be terror suspects each year. And that counts only those from the countries initially deemed not dangerous...

Monday, September 27, 2004

From Wired News: Pentagon Revives Memory Project

Wired News:
"It's been seven months since the Pentagon pulled the plug on LifeLog, its controversial project to archive almost everything about a person. But now, the Defense Department seems ready to revive large portions of the program under a new name.
Using a series of sensors embedded in a GI's gear, the Advanced Soldier Sensor Information System and Technology, or ASSIST, project aims to collect what a soldier sees, says and does in a combat zone -- and then to weave those events into digital memories, so commanders can have a better sense of how the fight unfolded.
That's similar to what planners at Darpa, the Pentagon's research arm, had in mind for LifeLog, its ambitious electronic diary effort. However, ASSIST's aspirations are more modest, its battlefield focus is clearer, and its privacy concerns are more manageable, military analysts and computer scientists say. All of that combines to give the project a better chance of taking off where LifeLog crashed."

Sunday, September 26, 2004

On languages in this blog

One more thing on the rules for this blog: while its beginnings are, as you can see, in English, it is meant to be bilingual - namely English and German.
One of the reasons is that Germany is one of the cases in my investigation (besides the UK and the U.S.A.); another is that some of the material posted may well be in German - newspaper cuttings, for example; and lastly, as I will mostly work on this blog from Berlin, it would seem the polite thing to do...

The Politics of Privacy - what does it mean?

In recent years, revolutionary technical innovations in the areas of telecommunication, data transmission and computerisation have changed the availability of data fundamentally. Today, any sort of data is available everywhere and immediately in principle. At the same time the capacity for storing data has grown tremendously, and the fact that stored data can be digitally processed and linked to each other means that new data can be generated from very diverse sources of information, giving them a new quality.
The question who exerts control over such "flows of data", who has access rights, and what purposes they can be used for, is one of immense political importance, and raises a host of problems. To an increasing extent, this topic is getting onto the political agenda in many countries - see the debate surrounding the PATRIOT Act in the United States, for example. Political science, however, has so far hardly dealt with these questions both in their normative and empirical dimensions, although this is a very promising area of potentially fruitful research. Potential areas of inquiry range from questions of data protection and civil rights to that of the introduction of (machine readable and biometric) ID cards and CCTV camera coverage of large parts of public spaces and the availability of passenger travel data for anti-terrorism purposes or questions of e-commerce.
Technological developments in this area are inherently ambiguous and therefore need to be politically assessed before their potential application. Some examples may serve to illustrate this: does the combination of computers, face-recognition software and CCTV cameras, for example, constitute a step towards more efficient crime fighting (which would be positive), or a step towards an Orwellian surveillance state (which would be negative)? Does general access to strong encryption of data traffic spur up the development of e-commerce (and thus economic growth), or will it facilitate the execution of organised criminality without the fear of detection (and thus needs to be stopped)?
I am starting a research project dealing with some of the questions touched upon above, and I start this blog as an experiment. I hope that it will be a source of information and discussion for people interested in this subject, that it will serve as a place to exchange views and thoughts, and that it will make a positive contribution to the debate - and my research project. So I extend an invitation to all comers to comment on the postings and links they find here. And if you want to become a contributor, let me know -- just mention it in a comment!