Category Archives: United States

‘Restore the Fourth’ Rallies Aim to Curb Digital Surveillance

Posted on by

Hundreds of protesters gathered in cities across the United States and Europe last week as part of the “Restore the Fourth” rallies aimed to call attention to government surveillance. The non-partisan organization Restore the Fourth coordinated protests online and in person against what they deem to be unconstitutional digital surveillance in the United States, including the NSA’s PRISM program.

Restore the Fourth Protest: Market Street, San Francisco

Restore the Fourth protestors march in San Francisco.
Image Credit: Flickr user Ari CC BY-NC-ND 2.0

The grassroots movement, which initially galvanized support on Reddit, aims to end all forms of unconstitutional surveillance of digital communications in the United States. To do so, the group endorses the Electronic Frontier Foundation and StopWatching.us stance, calling for reforms to the USA Patriot Act, the creation of a special committee to report and publicly reveal the extent of domestic spying, and to hold any public officials responsible for unconstitutional surveillance accountable for their actions.

Rallies of varying sizes gathered in 100 cities across the United Sates, as well as in Munich and London. More than four hundred gathered in Washington DC and in New York. Reddit co-founder Alexis Ohanian posted a Vine video of the New York protest, which gathered in Union Square. A few hundred protestors gathered in San Francisco, reported The Guardian, peacefully making their way down Market Street.

Participants primarily heard about the event online, media spokesperson Douglas MacArthur told The Guardian. As live protests gathered in streets across the country and in Europe, thousands of websites held concurrent protests online. Internet Defense League members including Reddit, WordPress, and Boingboing displayed anti-NSA banner ads on their sites. On Twitter, the #Restorethe4th hashtag gained visibility for news related to the protests and to NSA surveillance more generally.

Now that the fourth of July is over, what comes next for the movement? MacArthur emphasized in an AMA (online interview) on Reddit that the movement was never about a single protest, but about galvanizing support and awareness of the organization’s goals to curb surveillance. When asked when the next protest would be held on Reddit, a New York City rally co-organizer announced August 4th (8/4) as New York’s next rally date and suggested a worldwide “1984” day, after George Orwell’s dystopian classic.

“Surveillance Camera Man” Draws Ire, Provokes Questions About Recording in Public

Posted on by

Imagine walking down the street. Above, you see a surveillance camera mounted on a pole. Would you worry? What if a person walked over and filmed you, no questions asked?

An anonymous man in his late 20s has posted five “Surveillance Camera Man” videos in which he films people on Seattle streets and inside cars, stores, and classrooms, to the ire of those on camera. The videos raise questions about expectations of privacy in an age where institutions and individuals can easily and legally record others. Removal of the videos on various sites also highlights free speech and copyright concerns.

The cameraman and a friend began filming others as a social experiment, but he went solo after his friend couldn’t keep a straight face, according to an email interview posted on the blog Photography Is Not a Crime. His first video included forays into classrooms at the University of Washington. He posted the video on Vimeo, but the site took it down after a complaint from the university, the cameraman said. He expressed nonchalance at people calling the police on him, saying he doesn’t care about the legality of his actions. (He appears to care about copyright, as video embeds on GeekWire, BoingBoing, and Laughing Squid are unavailable due to copyright claims.)

When people in the videos asked what he was doing, the cameraman often remained quiet or said, “I’m just taking a video.” When they asked why, he occasionally responded, “Why not?” His casual tone and terse responses quickly frustrated and angered people, some of whom hurled expletives or tried to cover the camera. Several threatened to call the police; the cameraman left only when some began dialing. He also left if people became aggressive, often telling them to calm down as he backed away.

Some articulated their feelings without resorting to profanity. “I may be in a public space, but I feel threatened by you,” said one man wearing what resembled a guard or law enforcement uniform. And while the cameraman appeared to do nothing more than hold the camera and occasionally speak, GeekWire reported that YouTube took down one video based on a policy that prohibits material meant to “harass, threaten, or bully.” YouTube appeared to reverse the decision, as the video is now accessible.

Some people mentioned they did not consent to the taping. “You didn’t ask me if you could take a picture of me sir,” one woman said. “You still have me on camera, and that’s not OK with me. That’s an invasion of my privacy and my time.” The cameraman occasionally referenced the prevalence of surveillance cameras, but he didn’t belabor the point, which was, “blurred by the fact that he sometimes invades his subjects’ personal space, making it unclear whether the discomfort they exhibit comes from having a person standing right by them, or whether it’s the camera they object to,” wrote Cory Doctorow.

The cameraman’s actions appear to be legal. People can typically record in public areas such as sidewalks and parks without consent since no general expectation of privacy exists in public, according to the Digital Media Law Project. The same usually holds for recording activity that occurs on private property but can be observed from public space. Washington’s Supreme Court has ruled that someone can visibly record conversations in public that others can hear.

While the law may not protect people from recordings in public, people clearly distinguish between who’s doing the recording. Canadian filmmaker Rob Spence, who has a bionic eye with a camera, told Reuters in 2009, “In Toronto there are 12,000 cameras. But the strange thing I discovered was that people don’t care about the surveillance cameras, they were more concerned about me and my secret camera eye because they feel that is a worse invasion of their privacy.”

This comment from Spence, who calls himself the Eyeborg, brings to mind Google Glass, which has already captured an arrest on camera. But since Glass doesn’t explicitly alert people when it shoots video, perhaps Surveillance Camera Man is inciting a much-needed conversation by forcing people to face the uncomfortable feeling they’re being recorded.

Law Enforcement and Mining Social Media: Where’s the Oversight?

Posted on by

A Pennsylvania detective had a nickname of a suspect, but no real name. He turned to Facebook, found a picture, and eventually apprehended the person. This anecdote from a Washington Post investigation into law enforcement use of facial recognition software illustrates how social media can be a boon for catching criminals.

As people share more about their thoughts and actions on social media and as algorithms grow more sophisticated, law enforcement’s ability to mine such information for clues into how to prevent crimes raises concerns of profiling and questions of oversight.

Law enforcement profiling predates social media. From 1956 to 1971, FBI counterintelligence program COINTELPRO tracked political organizations and their leaders, including Martin Luther King, Jr.

Recently, the ACLU’s “Mapping the FBI” project uncovered intelligence gathering that used racial and ethnic mapping. The project’s documentation includes a 2009 memo from the bureau’s Detroit office that called Michigan’s Middle East and Muslim community “prime territory for attempted radicalization and recruitment by” terrorist groups. The FBI’s reason: most State Department-labeled terrorist groups originate in the Middle East and South Asia.

In 2010 a 20-year-old Arab-American man in California found a tracking device on his car and learned the FBI had been surveilling him, a US citizen, for months, if not longer. Since 2011 the Associated Press has investigated the NYPD’s spying on Muslim communities, documenting what The Atlantic calls “horrifying effects” on both those surveilled, who have not been accused of any crimes, and on counterterrorism efforts as a whole—in six years, the program did not generate a single lead.

The NSA and British intelligence agency GCHQ collect raw Internet traffic that includes email, social media, and chats. US law enforcement agencies at all levels can obtain information from Internet and communication companies with court orders. But police don’t need permission to monitor what already flows freely on the web. Ars Technica reported on the London Metropolitan police’s extensive efforts to monitor social media:

For the past two years, a secretive unit in the Metropolitan Police has been developing the tools for blanket surveillance of the public’s social media conversations. Operating 24 hours a day, seven days a week, a staff of 17 officers in the National Domestic Extremism Unit (NDEU) has been scanning the public’s tweets, YouTube videos, Facebook profiles, and anything else UK citizens post in the public online sphere.

Several commercial tools exist to monitor social media streams, and companies actively market them to law enforcement.  Police departments at the University of Maryland, Hampton University, and the city of Boca Raton, Florida use tools from the Virginia-based technology company ECM Universe to surveil social media users and analyze the text of their messages. A brochure touts that with the tool,

[A] city can monitor activist groups who are using social media to organize their efforts on the ground and receive alerts in a matter of minutes from the time of the postings when dangerous radical elements emerge from the crowd.

Such language underscores the need for oversight on how to use information gathered from social media. Participating in an activist group is not a criminal activity, and “dangerous radical elements” do not emerge at every activist meeting.

US law enforcement generally needs a reason and court permission to investigate someone. Predictive analytics involves mining data to look for undetected or unconsidered patterns. Agencies “don’t necessarily know what they need to monitor on Twitter,” software company SAS wrote in a paper detailing its tools, one of which maps people’s friends and followers on Facebook and Twitter. Users maintain hundreds of connections on these sites, including people they may not have contacted for years or people they don’t even know. To what extent will a person’s connections implicate them?

Predictive policing has helped police departments lower crime. But such efforts used previously reported and anonymized crime data; inclusion of social media data adds another dimension of concern. People don’t know what governments are doing with troves of social media data, and people can’t see the algorithms that police use to fight crime. As Evgeny Morozov wrote, “If no one can examine the algorithms…we won’t know what biases and discriminatory practices are built into them.”

Cloud Computing, Cloud Polluting?

Posted on by

courtesy of PayBit.pl

In 2008, Satoshi Nakamoto (a pseudonym) announced plans to build a new electronic currency—totally peer-to-peer and requiring no third party intermediaries—called Bitcoins. In order to get new Bitcoins, users would install programs on their computers called “Bitcoin miners” that would solve complex mathematical puzzles. By making the puzzles difficult and only solvable after some heavy computing, coins would be slowly introduced into the system over time and the coins randomly distributed to users. These mining programs would search for a sequence of data that produces a particular pattern which, when found, gives the miner a small amount of Bitcoins. Simply put, users could make Bitcoins by using their computers’ processing power to solve these puzzles and generate new coins. As of 2009, the number of new Bitcoins has been designed to halve every 4 years until 2140, after which the number of Bitcoins will have reached a maximum of 21 million coins, and no more Bitcoins will be added into circulation.

This system worked well for the first few years, but since Bitcoin mining became widely practiced in 2009, the easy puzzles have been solved, and more processing power has been needed to solve the increasingly harder puzzles. Though there are other ways to obtain Bitcoins (like buying them with other currencies, or trading them for products and services, or through processing fees), mining the coins is still the only way to introduce more coins into the system. As Bitcoin mining requires increasing computing power for diminishing returns, the low-powered computers found in homes and offices are no longer up to the task of virtual mining.

courtesy of Zach Copley/Flickr

In April 2013, Mark Gimein at Bloomberg published an article calling Bitcoin mining an “environmental disaster” that consumes 982 megawatt hours a day, or enough power to run 31,000 US homes. Additionally, the value of Bitcoins is subject to massive fluctuations in the currency trading markets, threats by various governments to shut down the experiment, and hacker attacks on the Bitcoin system. Just three days before the Gimein published his article, Bitcoin values plummeted by 77% after hackers and new users put pressure on the system. A month later, US authorities seized the world’s largest Bitcoin exchange, and earlier this week the IRS declared Bitcoins a taxable income. While Bitcoin has made a few people wealthy, Bitcoin miners are quite literally converting thousands of megawatt hours into virtual currency, the future of which is extremely uncertain. Just like mining for gold in the real-world, mining for virtual coins presents serious political, economic, and environmental issues.

courtesy of Jeff Kubina/Flickr

While Bitcoins may be the one of the most obvious challenges to the virtual-material divide, it may not be the most significant. In September 2012, the New York Times estimated that digital data centers worldwide use about 30 billion watts of electricity (or about the same as the output of 30 nuclear power plants), with the US responsible for about one-third of that usage. According to Google, a single search uses about 0.0003 kWh (1080 joules) of energy, which is roughly the same as turning on a 60W light bulb for 17 seconds. Another estimate found that a 140 character Tweet consumes about 90 joules, which is roughly enough energy to power that same light bulb for 1.4 seconds.

But what about when no one is actively using these services? A McKinsey & Company report estimated that an average data center only uses 6 to 12% of its electricity for computation, while nearly 90% of energy use goes into keeping servers idling in case of a surge in activity that could crash operations. Companies keep their facilities running around the clock at maximum capacity, regardless of demand, because they fear what might happen if their services are interrupted.

Earlier this month, Google hosted a summit at the Googleplex to consider “How green is the Internet?” In his keynote address, energy researcher Jon Koomey estimated that the Internet is probably responsible for about 10% of the world’s total electricity consumption. Koomey, who has been studying the material impact of the Internet since 2000, noted that the numbers are difficult to track, but suggested that companies that have made their names collecting data could do a better job tracking electrical use. Eric Masanet from Northwestern University found this lack of data troubling enough that he launched a publicly available model for assessing the energy effects of cloud computing called CLEER.

Koomey also noted that moving to digital communications and networks has reduced overall electricity use. For example, Koomey argues, businesses and organizations reduce their use of electricity by allowing companies like Google to host their email servers rather than run their own. The subtext of many of the “How green is the Internet?” keynotes was fairly obvious; if you care about the environment, move your data and processing to the cloud. Google made this connection clear when the company posted on its blog about the summit and cited a study (sponsored by Google) from the Lawrence Berkeley National Laboratory that found that migrating all US office workers to the cloud could save up to 87% of IT energy use (or enough to power the city of Los Angeles for a year).

courtesy of Stuart Marsh/Flickr

From an environmental perspective, Google has done its best to make migrating to the cloud attractive. Google is one of the largest investors in renewable energy, has commissioned several wind farms, and uses more efficient cooling towers for its servers than most Internet companies (though currently only 33% of its energy use is renewable). Other companies are investing in clean and green technologies too. Last year Facebook opened a data center in a building designed to make its servers 40% more energy efficient, and this year it opened a data center in Sweden that completely runs on hydropower. Apple states that its data centers are completely powered by solar, wind, hydro and geothermal energy. Microsoft has pledged to become carbon neutral in 2013 and earned its place on the Environmental Protection Agency’s 2013 list of the top 10 renewable energy-using organizations in the US along with Intel, Starbucks, Wal-Mart, and Lockheed Martin.

courtesy of Kevin Saff/Flickr

Recently, several cloud computing companies like Cloud Hashing have begun offering services that allow users to use outsource their Bitcoin mining processes to their cloud servers. Bitcoin mining isn’t the only service being migrated to the cloud. Last year, Adobe announced its decision to begin offering its Creative Suite of products, like the popular Photoshop and Illustrator, on its cloud service exclusively. Adobe reported this week that 700,000 users have begun using their “Creative Cloud” service and hopes to have 4 million users by 2015. Adobe’s decision to offer its services via the cloud was primarily motivated by its need to combat piracy of its software and also to roll out updates quicker, not necessarily because the company wanted to decrease end user energy consumption. Other data gathering companies have a stronger interest in collecting, storing, and mining user data. Last week, Google caused some controversy and user confusion after completing an update to its mobile Gmail app, making archive (rather than delete) the default setting for mobile users. Google didn’t remove the delete option—it’s still available through menu actions—but the company is clearly nudging users away from deleting emails. Much like mining Bitcoins, mining user data or letting users search archived messages requires sifting through massive amounts of data looking for particular patterns or text.

courtesy of Peter Patau/Flickr

While Adobe’s new cloud services might use less energy than what individual computers running the software requires, and companies like Apple and Google are moving to renewable energies, the lack of energy usage transparency prevents users from knowing the actual costs of cloud computing. Many people go out of their way to turn off the lights when they leave a room or recycle soda cans, but become angry when a site loads slowly or they can’t instantly find an email archived four years ago in Gmail. The data centers that store and process old emails and tweets already use more than 2% of the US electricity supply (more than the notoriously energy demanding paper industry). When one considers how much energy is involved in Internet use, “the cloud” rapidly comes down to Earth.

#imweekly: June 24, 2013

Posted on by

Tunisia
The Tunisian Internet Agency building, the center of the former Tunisian regime’s Internet censorship facuilities and once a home of the former dictator Ben Ali, is being changed into a hackerspace and open wifi hotspot for nearby citizens.  Plans are in the works to extend the range of the building’s routers to allow Internet sharing with more of the population.

Pakistan
A recent report from the Citizen Lab found that Pakistan is using Netsweeper, a filtering technology managed by a Canadian company, to block websites or tamper with DNS. The Pakistani government is planning to block more URLs and SMS text messages in the country. However, five international companies who sell surveillance and filtering software have committed not to help Pakistan, after protests from civil rights groups.

Mexico
Human rights activists have filed a request to investigate the use of the FinFisher surveillance software by the Mexican government, which they suspect has been used to spy on journalists and activists in the country. A Citizen Lab report detailing FinFisher’s use in 36 countries was the spark that prompted the investigation. Drug-related violence in the country may have allowed the government to launch several surveillance programs without significant resistance from civil society.

United States
Facebook announced it has fixed a bug on Friday which has potentially leaked 600 million users’ email addresses and phone numbers. The bug allowed users downloading an archive of their user account to also download other users’ information. Security researchers have also discovered that Facebook is collecting data on people without a Facebook account and also has been keeping a shadow profile of every user that includes information not shared by the users directly with Facebook. The bug had been active for the past year, though Facebook says it has no evidence that the bug was exploited maliciously.

#imweekly is a regular round-up of news about Internet content controls and activity around the world. To subscribe via RSS, click here.