Monthly Archives: June 2013

A Little Bit of Snowden In All Of Us

da-vinci-profile

Man is not what he thinks he is; he is what he hides.

– André Malraux

By now word has reached many regarding one Edward Snowden and the exposure of the NSA’s (National Security Agency) PRISM program and how the agency has literally taken to storing records of our phone calls, emails and other communiques – and more importantly, how this is all done indiscriminately with little or no control parameters from the legal system. Indeed, it’s probably not surprising that George’ Orwell’s 1984 is now selling like never before.

But the remarkable thing about all of this is how many of us accept surveillance by the state as part of our lives – just as my generation learned to live with the notion of imminent nuclear annihilation. Now, our children are growing up with the idea of cameras watching their every moves, emails and text messages being accessed at will while through the powers of analytics, our thoughts, desires and attitudes expressed through our various accounts on Facebook, PinInterest, etc.

As I’ve said before in my early work, privacy is dead; get used to it.

But I also recall earlier conversations with professionals on this very topic of privacy.

Some years ago, I befriended former neighbors of ours – a remarkable couple who shared a commonality with having some distant shared family relations: the woman and her live-in boyfriend who rarely spoke about his work, save for one evening while dining, I mentioned my interest and knowledge of arabic history. During the course of the coming weeks, the gentleman and I would speak at length about the various works of Farid ud-Din Attar (“The Conference of the Birds”), the point of the view of the arabs in regards to the various crusades along with a host of other fascinating discussions.

It was during the course of these dinner discussions that I learned from the nice gentleman how he casually happened to be in Damascus during the Lighting (Arab / Israeli) War of 1967.  I later on brought up this point when it was quiet and it was then he realized his faux pas – to which I assured him that it was a point I had already forgotten; some things are just best left unsaid.

Later on that week, I was given a small token – a 5 inch diskette. When I examined the diskette, I learned that it was an encryption software package, designed to encrypt your files on your computer.

Understand, this was not for general distribution and was well before the days of PGP or otherwise.

During the course of time, I learned a number of skills and notions, one of which is a basic axiom of intelligence: never use any obvious ‘hiding’ tools for you’ll only draw attention to yourself and to your colleagues. The purpose of the encryption package, I learned, was to take a message, recast it into another message – but in english and not encrypted gibberish – so as to make it appeal as a normal communique.

Which leads us to another vital point: some messages are best sent by way of reference only.  As an example: speak as if you’re talking about a book you’ve read and wish to share with another; make references in a manner that the outside observer wouldn’t fully appreciate the nature of your conversation. For example: you tell another about a great scene from the classic novel, “The Three Musketeers” – more specifically, the scene where Aramis and the others hold off the Cardinal’s forces enabling D’Artangnon to escape. What this scene is about is sacrifice by a handful against a larger force – a holding action. In effect, by relating this scene you are telling your colleagues that you’re seeking a rear guard action, whilst to an outside observer they only see you speak about a scene from book.

Privacy has always been a concern; note how during the Italian renaissance – when competition was fierce and the living bloody – the notion of communicating with another without having their thoughts shared except to those intended for was uppermost on many’s minds. Many devised complicated algorithms and encryptions (such as those created by the legendary master, DaVinci) while others used references to the Roman poet Catullus, passing messages with deeper meaning amongst each other while seemingly speaking about literary verses,….

Who says the humanities are dead?

As to our family friend,… one cold, windy evening I came home to see him standing in the parking lot, furiously speaking with another gentlemen: I glanced over, but sensed that something was amiss: he appeared harried and wary, looking all around. I made it a point to avoid speaking with him, walking by him as though I didn’t know him, pretending that I did not also notice the gentlemen with whom he was speaking with.

Later that week, our neighbor came over, distraught and upset, telling us how she came home, only to find everything of her boyfriend – and she did mean everything – was gone. “It was as if he never existed!” The books he had, the computer, his clothing – everything – gone.

We never saw him again, but I remember his lessons well, for what he shared goes beyond just simple citizen paranoia about one’s own government: it’s also about how one should conduct business – period.

Amongst my other lines of work – specifically with regard to records management –  I often tell people to be careful what and how they things away; how emails are to be distributed and read by whom and how information management is truly about having an attitude of caution and a realization that somebody’s always looking over your shoulder – and if you’re not careful, is also likely to eat your lunch.

Advertisements

Is This The End (of Civil Service and Teacher Tenure)?

Martin-Sheen-in-Apocalypse-Now-sheenism-religion-for-sheen-addicts-31913576-1221-616

Well, maybe not entirely but one thing’s for sure: City Hall and our respective state capitals and schools ain’t going to be the same as we’ve known it for the past 60 or so years. The national trend that’s been taking place is the abolition of protections: chief among them, Civil Service and teacher tenureship.

Understand, the reason for civil service originally was to prevent abuse of governmental offices. Prior to the Civil War of 1861, people were hired and fired at will, with much disruption (or, as former President Andrew Jackson famously said upon being first elected, ‘to the victor go the spoils’). Any institutional knowledge was often removed, records destroyed or deliberately misplaced to prevent the in-coming administration to better administrate and perform their duties. In other instances, civil service dealt with the simple outright and total incompetence owing to the hiring of political hacks and individuals whom normally wouldn’t be permitted to drive a horse and buggy, much less oversee the distribution of funds or major governmental services. Starting around the time of President Benjamin Harrison, Civil Service was formally introduced into the American Federal system (around 1871) and although far from perfect, it was the start of an evolution of government as being a place of professionalism and competency.

Likewise, teacher tenureship also served as a viable protection for teachers potentially caught in the crossfire of warring social political groups seeking to impose their own viewpoints on schools. Piss off a group of parents who hold a specific belief and chances are, rather than face an angry mob of potential voters teachers often face dismissal.

Now, in the past 20 or so years, what with the growing economic uncertainty and growing political savagery and lack of political discourse and civility, it is now apparent that mutual consent by both major political parties – Democrat and Republican – civil service protections and teacher tenureships are being removed. Ironically, it will be far easier to hire and fire at will, re-assign individuals to office and tasks heretofore were not even considered – or shift personnel resource in ways that were not even imaginable 10 years ago.

In many ways, this can be a good  thing – if managed properly.

Let’s face it: in this changing world, technological advances and growing socio-economic challenges, governments face limited budgets and the means to best meet these challenges. In many cases, the best were not often chosen for the most important positions while hidebound rules prevented entities the ability to create positions that were not even considered when the rules and/or job positions were established. True, new job positions could be created (often with delays reaching as long as 8 months to a year) but with the loss of time, talented individuals would move on, seeking work elsewhere in the private sector – or so the argument goes,…

Now, with the job market as soft as it is, this argument is no longer valid: there is a multitude of talented individuals seeing work and would be willing to accept work at far lower wages than they would prior to the 2008 collapse.

But yet the elimination of civil service and tenureship moves forward, and the sad thing is that it’s being quietly encouraged by various political factions painting the civil service employee as lazy, do-knowing, incompetent and greedy (some public service unions would point out that is exactly the kind of employee one can expect in the future as tenureship and civil service protections are removed)_.

This trend is troubling, for although the many needs of governmental management call for greater and faster response to situations and conditions (and the flexibility which often is lacking with existing rules and regulations) still it is troubling when prejudices are fanned and those hard-working and dedicated employees (of which the majority fall into this category) are dismissed.

Also, it is troubling when one of the last bastions of security and the basis of a viable middle class structure is being removed: governmental employees.

In many ways, this nation of ours is becoming like those of those poorer, less affluent nations whose governments are derided and dismissed, watered down into impotency and incompetency.

There is a subtle irony to all of this: those who seek drastic changes utilize the very arguments of change at a time when such arguments are no longer valid: owing to poor economic conditions the talent pool is vast and the positions within government (owing to limited funds – or so we’re being told) are limited or simply being eliminated outright. Governments, like private sector employers, can pick and choose at will.

But yet the evisceration continues.

In some states – such as Wisconsin – teacher tenureship for grade schools has been successfully passed.  In New Jersey, major changes to Civil Service have been introduced and are expected to pass, with the resulting impact – as one observer suggested – being a two-edged sword.

Unfortunately, given politics in a number of states, it’s not too likely that folks will behave rationally or responsibly. This is regrettable (and perhaps, hopefully, time will prove otherwise) for this is a powerful moment: given the tremendous need for governmental reform and the call for able talent, coupled with the number of the unemployed, this could be a potentially tremendous boon for local economies as well as create more responsive and effective governments through a variety of cost-savings and effective policy implementations.

But as trends are suggesting, this may not be the case: rather, many of these moves are increasingly appearing to be little more than revenge against governmental unions, as opposed to rational review.

This is a dangerous development: safeguards that were put into place were done so on the basis of over 100 years of reason and purpose. To be certain, rules need to change to follow present day realities, but to capitulate to growing uncertainty and eliminate outright the rules and protections which ensure continuity and stability over the course of multiple administrations only invites confusion, insecurity and the potential for corruption – and with that, liability.

Consider this: it’s only a matter of time before the federal government will follow suit; something to keep in mind next time you take a drink of water, wonder who’s really monitoring your banks and financial investments or watch your kids play while breathing the air,….

Monitoring Your Movements

differnce-engine

From the “I-Told-You-So!” Files

Back in the heady days of the 1990’s (ah, when life was so much different than it is now, what with the economy strong, the job opportunities available,…), a former colleague of mine (Dr. Barbara Flood) and I did a series of colloquia trying to raise awareness about the growing assault on privacy, resulting in the ASIS (American Society of Information Scientists) 1997 Washington D.C. meeting. As part of that meeting, we submitted a paper (“Creeping Peoplebases”) and I, in turn, submitted this paper.

Written in 1997, much of the technological specifics are a little out of date, but this article did (in large part) lend to the creation of Lutz’s Law of Privacy: “There is an inverse relationship between privacy and convenience: the more you have of one, the less of the other.”

But the approach hasn’t changed – and, in fact, it’s only gotten worse. With the recent news of Verizon releasing user’s call logs to the U.S. Government, along with the growing list of other privacy ‘breeches’, it leaves one to wonder where all of this going?

Breaking open a time capsule, read this blast from the past of over sixteen – 16! years ago; see for yourself where we stand,…

1997 ASIS Mid-Year Meeting Preview

“Monitoring Your Movements”
by W.E. Lutz© 1997 ASIS

“Suppose I had a good friend here in the Bureau,” Mallory said.”Someone who admired me for my generous ways.” Tobias looked reluctant and a bit coy. “It ain’t a simple matter, sir. Every spinning-run is registered, and each request must have a sponsor. What we did today is done in Mr. Wakefield’s name, so there’ll be no trouble in that. But your friend would have to forge some sponsor’s name, and run the risk of that imposture. It is fraud, sir. An Engine-fraud, like credit-theft or stock-fraud, and punished just the same, when it’s found out.” “Very enlightening,” Mallory said. “I’ve found that one always profits by talking to a technical man who truly knows his business. Let me give you my card.”

(From the book, “The Difference Engine” by William Gibson and Bruce Sterling)

We understand the many means by which our daily activities are accessed and used for specific purposes via transactional databases. We are also aware how databases from credit cards track our activities and movements and how magazine subscription listings betray our wants and desires. What we overlook, however, is how our image — our physical appearance — is accessed and employed without our consent or knowledge. Image processing, combined with routine databasing and commercially advanced tracking devices, add a new dimension to the erosion of our privacy. The routine access of personal information combined with the physical monitoring of movements creates a growing,dangerous threat to personal privacy.

The Power of Imaging Systems

Imaging systems are high-speed multi-processing portrait storage and retrieval systems. Portraits or images of individuals are taken via electronically scanning cameras, with any accompanying data files automatically linked to any computer-generated portrait. This combination of data file acquisition (fingerprint, background information, prior history) with electronic mug-shot imaging offers a powerful tool for law enforcement agencies. The power of imaging systems cannot be underestimated. It is an uncomfortable fact that many police background checks for newly arrested suspects often take 24 hours. Suspects arrested for minor offenses often are released without the arresting law enforcement agency’s knowledge of the suspects prior criminal record, owing to delays associated with standard file checks (i.e., non-imaged police data systems). An average arrest takes approximately 60 to 90 minutes to process — fingerprinting, mug shot, file processing and statement preparation. Cross referencing with state and federal databanks often requires a delay up to 24 hours. But, according to the Camden Police Department, the use of imaging systems can cut back the average arrest time to approximately 15 to 30 minutes. Imaging systems offer unprecedented portrait manipulation and rapid data retrieval of all associated file information for law enforcement. For a growing number of agencies, gone are the days of ink fingerprints and the piles of tiresome mug shots. Imaging systems allow agencies to simply type in a rough description of a perpetrator based upon eyewitness account. In some imaging systems, simultaneous access to SCIC (State Crime Information Computers) and the FBI’s NCIC (National Crime Information Computer) is enabled, allowing direct link-up with any known federal or state suspect list within a matter of minutes.Imaging systems are becoming more prevalent outside of law enforcement. ATMs (Automatic Teller Machines) and surveillance cameras in convenience stores are another form of imaging documentation. Although a far cry from the imaging technology used in law enforcement, the potential is still present.

For example, in the Pepsi/hypodermic needle scare of 1993, the culprit was captured on a video camera in a Colorado convenience store. The public hears this and breathes a sigh of relief, knowing that yet another evil perpetrator has been captured. Note, however, that the capture was made after an intensive search through millions of video images taken from thousands of convenience stores nationwide. Out of all those thousands of convenience stores and from those million or so video shots, the single incriminating video still-shot of the crime was found! Based upon the single freeze-frame image, the perpetrator was caught and prosecuted.

The wonder of modern technology is renewed when one appreciates the amount of time and human resources such actions would have taken but five years ago. As video cameras are often used to monitor employees (casinos, high-security locales such as computer chip factories or other such industries), surveillance cameras are increasingly employed as a panacea for dealing with crime. Recent federal grant awards illustrate a growing trend of public housing authorities using video cameras to monitor and prevent illegal activities. DEA (Drug Enforcement Agency), FBI or the ATF (Alcohol, Tobacco and Firearms) account for a number of video cameras within high-crime locales, with criminal activity dramatically evaporating for fear of being captured on record. Local police agencies are not loath to spread rumors and gossip regarding potential locales as a means to further deter illegal activity — often when no such cameras or agencies are actually intended or involved.

Beyond Surveillance Cameras: Automobile Tracking Systems

Video cameras are not alone in tracking one’s physical movements. In New Jersey, a proposal for automatic toll collection by several previously non-linked authorities would allow motorists to open and maintain a common account with agencies participating in the automatic toll collection service (author’s note: this has long since been approved and is now active). Using strategically placed magnetic stickers, motorists could drive past automatic scanners without stopping to pay a toll collector or a cash receiving machine. The flip side to this convenience is that the participating motorist could be readily tracked while driving through toll booths across the state. Other new vehicle tracking technology has also recently appeared. LoJacks, installed in standard passenger vehicles, are gaining in popular usage, particularly in New York, Boston, Newark and Los Angeles. LoJacked vehicles possess a specific signature signal identifying the vehicle identification number (VIN). Each vehicle is thus uniquely identified so as to prevent confusion with other LoJack beacons. Upon the report of a stolen vehicle, police cars equipped with LoJack scanners cruise their assigned areas, literally homing in on the specific signal emitter (which flashes a signal every fifteen seconds) of the stolen car. In some areas, the installation of LoJacks is credited with a drop of up to 50% in vehicle thefts. The combination of imaging/picture tracking systems and powerful database sort/retrieval presents a new breach in the wall of privacy. It is no longer just a question of personal information being accessed by the varieties of databases, but rather how the average citizen is increasingly tracked in relation to this personal information. We know who you are, where you’ve been and what you’ve been doing. Soon, we will know specifically where you are at any given time.

Addressing Our Perceived Need for Security

As Pogo said, “We have met the enemy, and they is us.” Breaches of privacy are actively encouraged. Federal monies are offered to housing authorities for surveillance systems. We think nothing of cameras which record our every move in stores, shopping malls or at ATMs. Insurance companies offer discounts of up to 25% of annual rates for those who install LoJacks, while commuters welcome the convenience of rushing past time-consuming toll plazas. Privacy protection efforts are few and presently hold little promise. Many county sheriffs encourage families to image their children – that is, to store the personal characteristics, background information and images of children within law enforcement databanks to allow for ready and rapid retrieval if the children are kidnapped. Although one cannot argue against the safety of children, one should question the underlying premise of fear. Committing oneself and one’s children to any information system is an act fraught with long-term consequences and should be considered carefully.

Cable Television: Who Is Watching Whom?

Another vivid example of overlooking how convenience creates privacy invasion involves recent advances in cable television technology. Many cable companies employ a standard cable TV box manufactured by General Instrument (Jerrold boxes). The latest General Instrument development is the CFT2200, which, unlike most cable TV boxes, can both send and receive signals, thus facilitating pay-per-view without having to employ the telephone line or answering TV polls. Upon review, it would appear that the CFT2200 can employ home telephone lines for operation and would eventually allow for full usage of ISDN lines. Potentially, these boxes could allow for direct informational access

(i.e., Internet service providing Web TV) and may very well serve for the next wave of data access. What is disturbing about this development is the ability of cable companies to conduct real-time monitoring of viewer’s preference in TV entertainment and information access, offering simultaneous send/receive signals while the viewer is watching their shows. A detailed record of what, when and how long a viewer watched any particular show at any given moment is enhanced through new cable television technology. If the average consumer were aware of this fact prior to purchase, would so many readily accept? The difficulty lies in the average lay person understanding the power and extent of the technologies arrayed against the common person; it is this knowledge gap which makes resolving the issues surrounding the protection of privacy a formidable challenge. Many cannot readily appreciate the subtleties surrounding esoteric cable television services or imaging/monitoring technologies. As information professionals, we can share the vitality of an Internet search engine or personal communication system for common household usage while seeking out protection against privacy abuse. The question remains: where do we draw the line between the sublime and the extreme?

Options and Considerations

We are witness to the demise of our notions of privacy; this trend is congruent with rapid technological development. Luddites could argue that as technology grows, privacy dissipates; thus, technology must be curbed (so the argument goes). The genie is, however, well out of the bottle. Modern conveniences and economic advantages far outweigh any notions of denying the benefits and comforts which we amply enjoy. The approach we must now initiate rests upon legislation and education.

Education and awareness on the part of those who know and understand the reality of their surroundings remains the key to ensuring privacy. Proprietary information will remain such, but the key to economic success will be that of creative dissemination of the uses of proprietary data and/or developments. If the general public is aggressively enlightened in the ways and means of information technology, then it follows that perhaps we can expect the general population to be more discriminating when it comes to privacy protection. Just as we speak of a green consumer culture, so too we might encourage the beginning of a privacy culture. True privacy could be an emerging marketing approach given the right impetus. Effective legislation must come into play if we are to prevent further erosion of privacy. Perhaps we should consider employing European laws as models for the control of personal information and the protection of privacy. Database access or use of one’s name or other personal information could be subject to the individuals’ prior approval and/or payment — similar to royalties — with violations subject to substantial monetary penalties. The logic is inescapable: if private/public entities gain a profit from the sale and/or use of our personal information, then we should receive royalties, if we choose to participate. Those who seek not to participate in the sale and dissemination of their information should be permitted, under strict legislation, to opt out with strengthened privacy guarantees.

The time has come to reach out and enlighten legislators about the issues surrounding privacy. Some cultures hold that taking pictures of individuals and/or places robs the soul or essence of the place or person; arguably, this is now taking place. The act of taking pictures — regardless of public safety or security — constitutes an act of capturing our image without our permission. Similarly, when information is accessed — habits, purchases, profiles — could it not be argued that this is the theft of our truest proprietary data — our identities?

In the coming century, our identities will be how we appear on innumerable databases; our visage reflected in the hidden cameras and how we stand within society’s walls defined in the roll calls of databases. The time is right, therefore, to educate both the public and legislators about the relationship between ourselves and the tools which gather information about us and our fellows. Given the prevalence of modern technology, it is time to recognize that our tools are but an extension of ourselves, the surveillance cameras reflecting back our images. How we view ourselves ultimately determines how we view and shape our future. How better than to smile into the camera with a confident cheer?

The original copy can be also found here: http://www.scribd.com/welutz

William E. Lutz is a professional consultant involved with matters pertaining to security, privacy as well a records management. More about his work can be found via his LinkedIn profile of http:// http://www.linkedin.com/in/williamelutz as well as via his website of http:// http://www.welassociates.co.

Cable is Dead. Period. And FIOs and Satellite TV Had Better Watch It, Too.

An oldie but a goody,… I was recently asked to give advice regarding a municipal wireless system during which I spoke at length on how the traditional ISP’s / Cable / FIO’s people are going to face some serious changes in the way they do business – and with that, entities such as municipal wireless networks or other forms of cooperatives may find themselves more and more in the drivers seat when it comes to negotiating service terms.

shockwaveriderblog

Happy Yom Kippur!

As sit before my computer, creating a post while watching that rare – and somewhat bizarre film, “The Saragossa Manuscript” (Polish, 1965). From the IMBD website:

In the Napoleonic wars, an officer finds an old book that relates his grandfather’s story, Alfons van Worden, captain in the Walloon guard. A man of honor and courage, he seeks the shortest route through the Sierra Morena. At an inn, the Venta Quemada, he sups with two Islamic princesses. They call him their cousin and seduce him; he wakes beside corpses under a gallows. He meets a hermit priest and a goatherd; each tells his story; he wakes again by the gallows. He’s rescued from the Inquisition, meets a cabalist and hears more stories within stories, usually of love. He returns to Venta Quemada, the women await with astonishing news.

So I’m watching a weird and obscure film. So what?…

View original post 708 more words