Now General Electric is developing a cheaper, integrated acoustic monitor in their next-generation streetlight which can interface with ShotSpotter’s audio surveillance system with the stated purpose of locating gunfire within dense, urban areas.

The Seattle Privacy Coalition has worked with the city in the development of a privacy protecting ordinance and a process for evaluating the impact of new surveillance technologies. We’ll be watching this new technology and offering criticism of its potential privacy impacts, especially when it’s being pushed by a government agency that has already circumvented the public process by installing surveillance cameras in the Central District with the help of Seattle City Light.

We’ll be asking the city’s new Chief Privacy Officer to perform and publish a thorough audit of all programs and purchases under SPD, and all MOUs or informal agreements SPD maintains with Federal agencies in accordance with the City’s privacy program.

Contact Seattle’s CTO, the Mayor and City Council members to share your concerns with them.

Previously:

ShotSpotter makes up its gunfire data, but it STILL doesn’t make any sense

ShotSpotter: There’s no lobbyist like an arms lobbyist

ShotSpotter (SST, Inc.) Fact Sheet prepared for City of Seattle

Reminder from Laura Poitras: “If not for Seattle, this history would be different”

The post Audio surveillance coming to a streetlight near you? appeared first on Seattle Privacy Coalition.

I recently noted that one of the wireless mesh nodes was transmitting, in contradiction of the City’s repeated assurances that the network was “turned off,” while I was attending a protest outside the King County courthouse in City Hall Park near 3rd Ave and Yesler Way. My post to Twitter caught the attention of the Seattle Police Department, who promptly shut off the node and posted a blog entry and tweeted about it. The following tweets appeared on Twitter that day, with much more commentary on the original post (which you can see if you click on the date stamp below.)

#SEAspy #MeshNet node is transmitting on “3rd&Yesler” and “TEST-WAP” SSIDs. @SeattlePrivacy @SeattlePD #rootsup2014 pic.twitter.com/Z0gHtp8Rrp

— lee⭐c (@sleepylemur) July 11, 2014

What we know about our node. http://t.co/PgeQFRqpkS #nodecomment

— Seattle Police Dept. (@SeattlePD) July 12, 2014

Seattle Police officer Sean Whitcomb’s reply on the SPD blotter makes a misleading claim, that “The rogue node, while producing a visible signal, was not being operated.” This isn’t only misleading because radio waves are invisible. They’re also not visible because the Service Set IDentifier (SSID or “network name”) of these mesh nodes gives no indication that they’re operated by the police department. It’s not the sort of thing that a nontechnical person would notice, even if they saw it listed on a computer or mobile device when they were trying to find a wireless network. It’s also misleading to claim that the node was “not being operated”.

The device may not have been switched on intentionally, it may not have seen any active traffic from SPD vehicles or those of other city departments while it was powered on and transmitting, but a claim that it wasn’t operating is the same category of the “non-operational” SPD cameras installed throughout the city. The glowing blue light indicates that power is applied to the cameras, just as the blinking orange and green lights indicate that mesh network nodes have power and some sort of activity. According to the Seattle Police’s definition of “operating”, these networked surveillance cameras aren’t “in use” because the digital video recording system to which they’re attached isn’t capturing any of their video feeds.

@sleepylemur @SeattleCouncil @SeattlePrivacy Lee, consider this “confirmed”. The cameras are not in use. sw — Seattle Police Dept. (@SeattlePD) September 11, 2013

However, as Mayor Murray opined in an interview on the matter, the cameras and their mesh network could be switched on if the City decided they were needed for some sort of emergency (the Boston Marathon bombing was mentioned, but any emergency could do). Now, this mayor may have no intention of using these cameras and Seattle’s current police force might not intend to use their mesh network to monitor the movements of every active WiFi and Bluetooth device in the city (see The Stranger’s article You Are A Rogue Device), but we’re a country of laws, not of men.

Seattle should revise its ordinance regarding the installation and use of surveillance equipment. We made recommendations to the city council regarding Ordinance 124142 in March and this matter still needs to be addressed.

The post Seattle’s operating surveillance ordinance still needs fixing appeared first on Seattle Privacy Coalition.

We have updated the SSL certificate for this site in response. We are not aware of any compromise, but all users should change their passwords as a precaution.

In addition, if you host a WordPress site, please take the following steps:

1. Read this post by Wordfence,

2. Update your site, and then

3. Change your passwords. (This is especially important for administrators).

Other websites you use are probably also affected. Please check any sites that require a password for you to use them — look for updates or notifications from site administrators.

If you use the Tor Browser Bundle or operate a Tor node, please see this post on the Tor Project blog.

CAUTION: If you receive any unsolicited emails that prompt you to click links to update your password, treat them with extreme suspicion. They might be phishing attempts. Instead, type the URL of the site into your browser and change the password from the site itself.

The post Heartbleed bug response and summary appeared first on Seattle Privacy Coalition.

Please take a close look at how your tax money is being spent, especially given the revelations of massive warrantless surveillance by the federal government and by the military.

Click here for the agenda and details of the items for discussion.

The post Public Safety Committee to discuss DHS grants, fusion centers, facial recognition appeared first on Seattle Privacy Coalition.

Anonymous browsing: Whenever a request is made to another system on the Internet, addressing information is exchanged. This is analogous to the destination and return address in a physical postal system; In this case the addresses use Internet Protocol (IP) instead of numbers and streets, but the idea is the same. If you wanted to send a letter to someone without a return address, they wouldn’t be able to figure out anything more than the location where the letter was first routed from the cancellation marking on the stamp. When it comes to web browsing, there isn’t a means of sending requests that don’t have return addresses. However, you may use a proxy so that the website being accessed doesn’t have your actual IP address but instead has the address of the proxy. The most robust anonymous proxy available is called Tor (The Onion Router) and is available for Windows, Macintosh, Linux and Android.

Encrypted Email: Carrying on the postal analogy, email is actually more like a postcard in terms of the privacy it provides. People may have an expectation of privacy when it comes to the things they commit to email, but it’s merely an expectation. There may be legal or professional repercussions for reading the contents of someone’s email, however. If one wishes to keep the contents of email private, using some form of encryption is recommended. The most widespread mode of encrypting email is the commercially available software “PGP” (Pretty Good Privacy) which also has a free, open source implementation “GPG” (Gnu Privacy Guard). Using GPG is fairly complex because of the concepts involved and I’d recommend having someone walk you through the process. If you’re a do-it-yourself type, there’s extensive documentation available.

Off The Record messaging: Many chat programs will present the option to discard logs of what you’ve typed. This is sometimes referred to as being “off the record” but it’s important to understand what’s going on behind the scenes if you want to maintain confidentiality and even plausible deniability of the things one is communicating to others. Please refer to the Cypherpunks OTR page which treats this topic extensively. For my part, I use Gibberbot on my Android phone when I wish to communicate securely. It’s produced by the Guardian Project, which has collaborated with the Tor Project to bring their software to Android devices.

–Lee Colleton

encryption key: B074B361

The post Privacy, Encryption, and You appeared first on Seattle Privacy Coalition.