Archive for the 'Privacy & Technology' Category

Proposal: Overhaul Surveillance Ordinance as Data Collection, Retention and Sharing Ordinance

By Jan Bultmann and Christopher Sheats

 

Our city has committed to protecting immigrants, refugees, and the many thousands of other vulnerable populations. We argue that this is not possible without strong privacy oversight, safeguards, and enforcement. The local privacy community urges Seattle’s leadership to set aside for the moment the discussion of our Surveillance Ordinance and any amendments to it, and instead to develop an ordinance that holistically addresses the government’s role in data collection, retention, and sharing.

Why pause now? The ACLU of Washington has proposed a stronger version of the existing bill, which has been watered down by multiple revisions that remove the many critical elements including independent oversight, auditing, reporting, and enforcement requirements. But even with the ACLU’s original, stronger proposal, the foundation of the bill is inadequate.

We now live in a very different environment than when the Surveillance Ordinance was first crafted, although it has only been 3 years. This legislation was drafted in response to the public outcry that accompanied the Seattle Police Department’s acquisition of drones without public knowledge. Council chambers were repeatedly packed with demonstrators. After having wasted $82,000 dollars, the drones were ultimately decommissioned. The Surveillance Ordinance was successful to meet that immediate challenge.

Now we promise vulnerable people that we are a sanctuary city that will defend their human rights. We are literally in the crosshairs of a hostile federal government, one that has been shown to disregard local regulations and make backroom deals with city agencies. For example, putting cameras on City Light poles in direct violation of our existing surveillance law, putting nothing in writing, and further, evading any form of FOIA or PDR process.

“As a sanctuary city we have a greater obligation to protect private citizens.” — Kshama Sawant

We have autonomous cars coming, including wireless car to car technology, wireless car to infrastructure technology, and the lobbyists that come with them. We have facial recognition technologies coming and the lobbyists that come with them. We will be seeing the largest developments of these technologies within President Trump’s term.

Seattle’s Race and Social Justice Initiative clearly states:

By 2017, the City of Seattle will work with community-based organizations to support the movement to end structural racism.

We can tell you that the City has not asked the Seattle Privacy Coalition for input on how we might accomplish this, and we are well into 2017. Further, CTAB-Privacy has not been asked for input on these amendments by the Council. How can Seattle’s Surveillance Ordinance go on to exempt technologies designed and purchased for surveillance? Do black lives really matter to Seattle when data collection, retention, and sharing technologies are historically and routinely purchased in the name of defense but used offensively?

If we do not hold ourselves accountable, a government for the people, how are we going to ethically govern the use of these technologies when they are funded, deployed, and managed by third parties? How is Seattle going to defend our human rights if we have a “surveillance ordinance” that is not adequate for the complexity of a major municipality? Common sense demands that we broaden the scope to include all forms of data collection, retention, and sharing. This would eliminate splitting hairs on terms that exclude any technology not specifically purchased to support law enforcement.

The Electronic Frontier Foundation is a legal digital rights organization that maintains an umbrella grassroots organization called Electronic Frontier Alliance. Last week we discussed surveillance ordinances under development in more than 11 municipalities across the United States. The Seattle Washington ordinance was cited as being “well-intended but weak” whereas the Oakland California legislation was cited as effective because their draft legislation includes provisions for independent oversight that are fundamental to all controls, auditing and reporting requirements, and enforcement options such as the public’s right to sue for privacy harms. We strongly advise that Council review the Oakland California ordinance.

The Seattle ordinance MUST include oversight, auditing, reporting, and enforcement, and it cannot be limited to a false notion of what is or it not for surveillance. Without these fundamental changes, we are a sanctuary city in name only. With federal access to municipal databases unmonitored, unchecked, and unreported, anyone who makes use of a city service is vulnerable. When privacy is by design and policies are made to support the most vulnerable in our city, we, in effect, defend everyone’s human rights.

As defined by Seattle’s Privacy Program, we have a Privacy Review Process (PDF) that we can leverage for all forms of data collection. All forms, because there cannot be a lack of transparency and accountability. This must be baked into a Data Collection, Retention and Sharing Ordinance. Every act by the City that takes in information should have a corresponding unique identifier that must be published so that anyone can learn more about the data being collected, what it is being used for, and who is responsible for it. This will build trust. In line with Councilmember Sawant’s wishes to pull down foreign cameras from City utility poles, people have the right to be informed about what their government is collecting about them and their community. We should have the ability to learn about and to respond to our government in constructive ways. With the City’s drive for increasing open data and community engagement, why haven’t we started doing this yet?

Privacy is at risk from always-on microphones, cameras, smartphones, smart meters, automobiles, internet assistants like Alexa, Siri, Echo, and Cortona, Internet connected children’s toys, home appliances, and so many other things that have yet to even be invented. The city of Seattle cannot protect people today from predatory corporate data exploitation. We can, however, model what a human-rights respecting privacy policy looks like. And we must.

Please do not pass the watered-down Surveillance Ordinance rewrite into law because it will cause more harm than good. Instead, we urge the City Council to reach out to local community organizations such as the Seattle Privacy Coalition, Electronic Rights Rainier, and the body that the City Council assembled to advise them on technical issues, the Community Technology Advisory Board, to create a bill we can all be proud of.

If We Care For Survivors, Surveillance Technologies Must Be Heavily Regulated

By Christopher Sheats

 

In Seattle tomorrow, City Council will be discussing Surveillance Ordinance amendments originally proposed by ACLU of Washington and watered down by the council. The Surveillance Ordinance would be incredibly deficient if we passed these amendments. Of primary concern, there are multiple exemptions that are *crazy* if you were to juxtapose a United Nations privacy report.

Surveillance technology does not include:

(a) technology used to collect data from individuals who knowingly and voluntarily consent to provide, or who do not avail themselves of an opportunity to opt out of providing, such data for use by a City department;

(b) social media sites or news monitoring and news alert services;

(c) a body-worn camera;

(d) a camera installed in or on a police vehicle;

(e) a camera installed in or on any vehicle or along a public right-of-way used to record traffic patterns or traffic violations or to otherwise operate the transportation system safely and efficiently, including in any public right-of-way;

(f) a camera installed on City property for security purposes;

(g) a camera installed solely to protect the physical integrity of City infrastructure, such as Seattle Public Utilities reservoirs; and

(h) routine patches, firmware and software updates, and hardware lifecycle replacements.

In February, I spoke along side ACLU of Washington lawyers, University of Washington lawyers, and a domestic violence survivor at a public hearing in our state capitol to support an ACLU bill limiting Automatic Licence Plate Readers. Domestic violence survivors’ privacy, specifically their physical location privacy, is paramount to them and their families. Further, many survivors are victims to police men and women, making this under-served population a critical voice in discussions concerning surveillance technologies. At the hearing, A women with incredible courage showed up to educate the committee about her and the other 5,000+ Address Confidentiality Program participants. With permission, below is her testimony.

As content on our website is licensed using Creative Commons, please feel free to use share her testimony to further privacy rights.

Madame Chair, and members of the committee,

I am here today to discuss a part of my life so terrifying that, at times, I have actually contemplated writing a horror movie script.

Please forgive me, but by the end, it will make sense to today’s hearing.

I am here as a participant in the Washington State Address Confidentiality Program, ACP for short.

You will never understand, nor will I ever be able to convey the fear and torment that one individual can deliver. His words are still etched in my mind: “No woman is going to tell me, a man, what to do.” When trying to end a relationship, what I got in return was physical abuse and psychological terror. I would see him outside my home, my work, at my children’s school or stalking me in my rear-view mirror.

At times, he would convey to me each and every way or place he could have killed me that day.

I discovered that he had made duplicate keys of both my home and my car. Changing door locks didn’t matter. He still got inside. He was letting me know that he was in control.

My oldest son and I would eventually bobby trap our doors when we left, to more easily determine if he might be inside when we returned.

And though time, our much-loved pet cats disappeared one by one.

I lived through death and kidnapping threats to my children’s lives. I feared for my own life.

And in utter, desperate fear one night, I called a helpline, told them of my situation, and was advised to leave the state immediately. I did. On their advice, I gave my house keys to a friend, told nobody where I was going, put my kids and some clothes in my car, and drove to a state where I was offered protection.

I thank you so very much WA for the ACP. I no longer have to be afraid. It took me months but I no longer have to fear looking in my rear-view mirror.

This is hopefully the end of my desperate story.

But now, I want you to clearly understand one implication of unrestricted ALPR technology
I am here representing a vulnerable part of society, those who live in domestic violence situations. My ex-boyfriend kept telling me that he had connections to the police department, that there was no place to hide.

What if that was true? What if someone like me, couldn’t hide ever?

With unrestricted and retained ALPR data that becomes a real possibility.

I want you to consider the lives of spouses of law enforcement who might be in a domestic violence situation. My tale of torture existed because my stalker knew where I lived. Please protect your citizens, all your citizens, from potential location abuse. Please put restrictions on ALPR data.

Tell City Council that Feds Must Follow Seattle Law

Call for action: Demand transparency related to federal government surveillance in Seattle

tl,dr

Email the city and insist that city employees document cooperation with federal requests for surveillance cameras.

Details

What: Meeting of Seattle City Council Committee on Energy and Environment. Agenda:  https://seattle.legistar.com/View.ashx…

When: Tuesday, January 24, at 2 pm

Where: Council Chambers at Seattle City Hall (601 5th Avenue, at Cherry)

Why: Of interest in the agenda is item #2:

Warrantless Surveillance Cameras in Seattle: How to protect
the privacy of Seattleites and reverse the proliferation of
surveillance cameras installed by the Seattle Police
Department and Federal law enforcement agencies on SCL
polls in public space without democratic authorization or
transparency.

As many of you will know, Seattle currently has legislation about surveillance equipment on the books. Currently, however, federal agencies ignore it (because it doesn’t apply to them) and use city resources to put up their own cameras. Seattle Privacy has documented several cases where the ATF or FBI entered into informal, off-the-record, verbal agreements Seattle City Light employees allowing the placement of cameras on utility poles.

We support the committee’s study of this issue call on the committee members to back corrective legislation.

What you can do

Attend the meeting if you can, and speak out during the public comment period.

If you can’t attend, you can submit a public comment by emailing the committee members:

For example, you might feel that…

  • Any agreements between federal and city agencies regarding surveillance equipment should be written down and FOIA-able.
  • The public should know who makes the call to allow ATF cameras.
  • The lack of transparency in the city’s dealings with the federal government is at odds with our status as a sanctuary city.

We’ll be at the meeting, and hope to see you there.

On the nature of surveillance, self defense, and activism

The Seattle Privacy Coalition instructed our first anonymous group of Seattleites who are victims of abusive surveillance or at risk of becoming a victim. Overwhelmingly, the students of our first workshop were women, even though everyone that attended ranged in age, background, race, nationality, ethnicity, and sexual-orientation. Despite their differences, their commonality was their genuine care for people — society — to such a degree that their non-violent actions are considered a threat to corporate and government power.

The concern

Almost 226 years ago, our fundamental rights as Americans were ratified. Broad protections were guaranteed to us against search and seizure, something that we, as a society, now sometimes call privacy due to the large amount of our lives willingly and unwillingly propelled into digital spaces. Objection to intrusive search and seizure of physical objects has evolved into our ability to control personal information made harder by advancing and cheapening technology.

Corporations, governments, and law enforcement agencies do not have a right to abuse people by way of deploying advanced technology. They may have the ability and privilege to do so, but that ability and privilege cannot and should not become a slippery slope to control people who are exercising their government-sponsored and government-protected right to protest perceived abuses of power. What is the significance of our constitutional protections unless we act, so that our rights become right and our values proven?

Despite the stark ethical differences between rights and privileges, activists are readily harassed, stalked, physically abused, or murdered. Anyone guided by justifiability and morality can understand why we need to support this vulnerable population of people.

The workshop

In large part, surveillance self-defense is about technology and education. Similar to the practice of martial arts, self-defense is learned by empowering one’s self with knowledge and control over mind, body, and environment. Understanding technological threats and assets will help non-violent activists achieve their goals. To best achieve our objectives, we approached this training with the wisdom of a teacher and also the curiosity of a student. Everyone there had something to share and learn.

Our students were not tech-savvy. Many of them had cell phones that were merely recommended to them by family members or casual friends. One of them had a Windows phone, something even our technologists didn’t know if it employs storage encryption. Even though only one person was the facilitator over the course of almost five hours of training, various Seattle Privacy Coalition co-educators were participants of the training and regularly contributed facts, metaphors, and applied real-time research.

We started off by introducing the Seattle Privacy Coalition and notable facts about the organizers, like not being associated with law enforcement or intelligence services. A story was told to create some initial privacy empowerment and a statement about everyone’s right to identity-self-determination while  participating in the workshop.

We started our curriculum by highlighting the cause of risk, which can be characterized by a balance between threat and vulnerability. Throughout the workshop, distinctions were made by attributing the specifics of scenarios to either a threat or a vulnerability to best appreciate any given risk.

The first tool provided to our students was not software; it was an information resource, one regularly brought back into the dialogue. The Electronic Frontier Foundation‘s (EFF) online guide titled “Surveillance Self Defense” (SSD) was chosen to be our primary reference material. Their amazing and much needed work is where we got the name of our new program. We think that the EFF’s SSD should discuss the notion of a vulnerability, not just the notion of a threat when assessing risk regarding “An Introduction to Threat Modeling“.

Another SSD concern was the need for a preemptive list of jargon in each article. As you might notice, one of the Seattle Privacy Coalition’s goals is to provide constructive feedback to the EFF from our experiences with our activist and journalist students.

Graciously, one of our students enjoyed sharing the words of every acronym that we used to instruct with. It was a healthy reminder that our students need a lot of breakdown, which in effect, leads to a lot of segues. Seattle Privacy Coalition needs to include more subtle structure into our curriculum plans so not to spend as much time on segues. Segues created a condition where it became too easy for non-technologists to get lost. We regularly asked if everyone were comfortable with the previously discussed topic so people could easily ask questions.

Other over-arching concepts included the differences between active and passive surveillance, and also the differences between transport encryption and encrypted storage. The Seattle Privacy Coalition needs to add a section disusing a basic concept of encryption in our upcoming workshops.

The majority of our students were iOS and OS X users, which was slightly unfortunate since we don’t have any Apple users among the active Seattle Privacy Coalition volunteers. Creating power users out of Apple users was a clear challenge in our workshop, but we were able to educate on a few important self-defense tactics and operations.

Regardless of the lack of Apple iOS and OS X experience, we were able to cover many outstanding encryption tools. We only instructed on the use of open source tools made by The Guardian Project, Open Whisper Systems, and The Tor Project . We limited our tools training to these developers because of their commitment to human rights, attention to usability, and their verifiable skills at employing strong encryption through careful software development.

We covered topics like “data linkability” and applied its concept throughout the workshop. We covered notions of “metadata” and applied its concept throughout the workshop. We covered search and seizure laws and rights. We covered Washington state audio and video recording laws and responsibilities. We made sure every Android and iOS user had storage encryption enabled. We also discussed OTR advantages in light of the above chosen software tools.

We spent a lot of time talking about cell phone communication encryption as a matter of risk deterrence. We did this by covering basic cellular network infrastructure and various vulnerabilities. Discussing SS7 vulnerabilities, baseband processor vulnerabilities, and IMSI-catcher threat detection was a primary knowledge area that we think is critically important for activists.

With only five hours before everyone was completely wiped, we barely had enough time to cover the proper use of Tor. Regrettably, Tor was talked about only as a solution. We did not comprehensively discuss threats and vulnerabilities. We did not have enough time to include any hands-on exercises which we think is ideal for showing activists how easy it is to install and use the above mentioned software tools. We also were not able to talk about HTTPS or PKI, which would have been useful after a basic intro to encryption.

Lastly, while we were able to discuss contact management for cell phones, we did not discuss contact management for personal computers. In fact, while 5 hours is a lot of time, we had no time for talking about personal computer hardening aside from a few brief mentions of Tails Linux. The only attendees to raise their hands as being Linux users were those from the Seattle Privacy Coalition.

In Retrospect

Everyone walked away having learned many important things, and with a some healthy paranoia. Seattle Privacy Coalition volunteers learned a lot too, particularly about the nature of this specific underrepresented community in Seattle. The Seattle City Council is advised by the Citizens Technology and telecommunications Advisory Board (CTTAB), and in a couple months, CTTAB will be hosting a privacy symposium specifically looking at underrepresented communities that are often hurt by data mismanagement or surveillance. Activists are not only underrepresented, they’re often abused and misunderstood by capitalists, politicians, and journalists. We hope that these surveillance self-defense workshops will help our fellow residents, our city, and our perception of privacy moving forward.

Surveillance Self Defense for Activists, January 2015

foto_no_exif

 

Greetings Seattle activists!

Seattle Privacy Coalition is starting a new workshop in Seattle called Surveillance Self Defense, a name gratefully adopted from the Electronic Frontier Foundation’s “Tips, Tools and How-tos for Safer Online Communications“. Our workshops will be free to the public but limited in space.

Surveillance Self Defense for Activists will start in January 2015 and occur every-other month. So if you miss January’s, remember that another workshop will happen in March 2015. We are also starting Surveillance Self Defense for Journalists, which will begin in February 2015.

Our first workshop, for activists, will be on Sunday, January 18. Registration is not yet open. The time, location and curriculum will be announced when registration opens next week. Curriculum will include securing your phone and computer (and related communication) for on-the-ground activists, no matter if you’re an organizer or participant.

 

There will be no form of registration that will record who is attending, so no Facebook, Meetup, or email invites of any kind. This is done to protect the privacy of the attendees. Depending on our workshop space, we will have a limit to how many people we can accommodate. We’ll know how many people to expect based on how many anonymous surveys are submitted.

Below is a set of draft survey questions that we’ll be asking each participant to answer before they attend. They have been created with the help of Internews’ SaferJourno project. We’re putting these here now just to give you an idea of what kinds of things we’ll be educating you about:

  1. Do you use a cell phone when participating in protests?
  2. What is the operating system of the cell phone that you take to protests?
  3. Select the capabilities of said cell phone:
    1. Phone calls
    2. SMS (text messaging)
    3. Data (internet access via 2G, 3G, or 4G)
    4. Bluetooth
    5. Camera
    6. Video camera
    7. (fill in the blank)
  4. When participating in protests, what communication platforms do you use?
    1. Google Hangouts
    2. Apple iMessage
    3. SMS/texts
    4. Facebook Chat
    5. Email
    6. Twitter
    7. (fill in the blank)
  5. Do you know any differences between HTTP and HTTPS?
  6. Have you used privacy enhancing tools such as a VPN or Tor, either on a computer or on a cell phone?
  7. Have you ever sent an encrypted email before?
  8. Is your cell phone password protected?
    1. Yes, with a pin number
    2. Yes, with a password
    3. Yes, with a pattern
    4. Yes, with a fingerprint
    5. Yes, with a faceprint
    6. No
  9. Is your cell phone’s storage encrypted?
  10. Do you know what an IMSI-catcher, or “Stingray”, is?
  11. Regarding the personal computer that you use to coordinate protests, what is its operating system?
  12. Have you ever had a personal computing device seized or confiscated?
  13. Are you currently a victim of active surveillance?
  14. Do you drive, carpool, bus, bike, or walk to protests?
    1. Drive
    2. Carpool
    3. Bus
    4. Bike
    5. Walk
  15. Do you use your electronic debit, credit, and/or bus card(s) before, during, or after attending a protest?
    1. Yes, debit/credit
    2. Yes, bus (Orca) card
    3. No
  16. Do you have access to a technical specialist when you have questions about digital safety tools and practices?
  17. What topics would you like to see covered at this workshop?
  18. Will you be bringing your cell phone or laptop to the workshop? We encourage you to for our hands-on training.

Please be sure to check back here next week for registration! For organizing queries, please send an (ideally PGP encrypted) email to “yawnbox at riseup dot net”. If you’re a security or legal educator and wish to get involved, please email me.

Cheers!