Archive for the 'Seattle Mesh Network' Category

Proposal: Overhaul Surveillance Ordinance as Data Collection, Retention and Sharing Ordinance

By Jan Bultmann and Christopher Sheats

 

Our city has committed to protecting immigrants, refugees, and the many thousands of other vulnerable populations. We argue that this is not possible without strong privacy oversight, safeguards, and enforcement. The local privacy community urges Seattle’s leadership to set aside for the moment the discussion of our Surveillance Ordinance and any amendments to it, and instead to develop an ordinance that holistically addresses the government’s role in data collection, retention, and sharing.

Why pause now? The ACLU of Washington has proposed a stronger version of the existing bill, which has been watered down by multiple revisions that remove the many critical elements including independent oversight, auditing, reporting, and enforcement requirements. But even with the ACLU’s original, stronger proposal, the foundation of the bill is inadequate.

We now live in a very different environment than when the Surveillance Ordinance was first crafted, although it has only been 3 years. This legislation was drafted in response to the public outcry that accompanied the Seattle Police Department’s acquisition of drones without public knowledge. Council chambers were repeatedly packed with demonstrators. After having wasted $82,000 dollars, the drones were ultimately decommissioned. The Surveillance Ordinance was successful to meet that immediate challenge.

Now we promise vulnerable people that we are a sanctuary city that will defend their human rights. We are literally in the crosshairs of a hostile federal government, one that has been shown to disregard local regulations and make backroom deals with city agencies. For example, putting cameras on City Light poles in direct violation of our existing surveillance law, putting nothing in writing, and further, evading any form of FOIA or PDR process.

“As a sanctuary city we have a greater obligation to protect private citizens.” — Kshama Sawant

We have autonomous cars coming, including wireless car to car technology, wireless car to infrastructure technology, and the lobbyists that come with them. We have facial recognition technologies coming and the lobbyists that come with them. We will be seeing the largest developments of these technologies within President Trump’s term.

Seattle’s Race and Social Justice Initiative clearly states:

By 2017, the City of Seattle will work with community-based organizations to support the movement to end structural racism.

We can tell you that the City has not asked the Seattle Privacy Coalition for input on how we might accomplish this, and we are well into 2017. Further, CTAB-Privacy has not been asked for input on these amendments by the Council. How can Seattle’s Surveillance Ordinance go on to exempt technologies designed and purchased for surveillance? Do black lives really matter to Seattle when data collection, retention, and sharing technologies are historically and routinely purchased in the name of defense but used offensively?

If we do not hold ourselves accountable, a government for the people, how are we going to ethically govern the use of these technologies when they are funded, deployed, and managed by third parties? How is Seattle going to defend our human rights if we have a “surveillance ordinance” that is not adequate for the complexity of a major municipality? Common sense demands that we broaden the scope to include all forms of data collection, retention, and sharing. This would eliminate splitting hairs on terms that exclude any technology not specifically purchased to support law enforcement.

The Electronic Frontier Foundation is a legal digital rights organization that maintains an umbrella grassroots organization called Electronic Frontier Alliance. Last week we discussed surveillance ordinances under development in more than 11 municipalities across the United States. The Seattle Washington ordinance was cited as being “well-intended but weak” whereas the Oakland California legislation was cited as effective because their draft legislation includes provisions for independent oversight that are fundamental to all controls, auditing and reporting requirements, and enforcement options such as the public’s right to sue for privacy harms. We strongly advise that Council review the Oakland California ordinance.

The Seattle ordinance MUST include oversight, auditing, reporting, and enforcement, and it cannot be limited to a false notion of what is or it not for surveillance. Without these fundamental changes, we are a sanctuary city in name only. With federal access to municipal databases unmonitored, unchecked, and unreported, anyone who makes use of a city service is vulnerable. When privacy is by design and policies are made to support the most vulnerable in our city, we, in effect, defend everyone’s human rights.

As defined by Seattle’s Privacy Program, we have a Privacy Review Process (PDF) that we can leverage for all forms of data collection. All forms, because there cannot be a lack of transparency and accountability. This must be baked into a Data Collection, Retention and Sharing Ordinance. Every act by the City that takes in information should have a corresponding unique identifier that must be published so that anyone can learn more about the data being collected, what it is being used for, and who is responsible for it. This will build trust. In line with Councilmember Sawant’s wishes to pull down foreign cameras from City utility poles, people have the right to be informed about what their government is collecting about them and their community. We should have the ability to learn about and to respond to our government in constructive ways. With the City’s drive for increasing open data and community engagement, why haven’t we started doing this yet?

Privacy is at risk from always-on microphones, cameras, smartphones, smart meters, automobiles, internet assistants like Alexa, Siri, Echo, and Cortona, Internet connected children’s toys, home appliances, and so many other things that have yet to even be invented. The city of Seattle cannot protect people today from predatory corporate data exploitation. We can, however, model what a human-rights respecting privacy policy looks like. And we must.

Please do not pass the watered-down Surveillance Ordinance rewrite into law because it will cause more harm than good. Instead, we urge the City Council to reach out to local community organizations such as the Seattle Privacy Coalition, Electronic Rights Rainier, and the body that the City Council assembled to advise them on technical issues, the Community Technology Advisory Board, to create a bill we can all be proud of.

If We Care For Survivors, Surveillance Technologies Must Be Heavily Regulated

By Christopher Sheats

 

In Seattle tomorrow, City Council will be discussing Surveillance Ordinance amendments originally proposed by ACLU of Washington and watered down by the council. The Surveillance Ordinance would be incredibly deficient if we passed these amendments. Of primary concern, there are multiple exemptions that are *crazy* if you were to juxtapose a United Nations privacy report.

Surveillance technology does not include:

(a) technology used to collect data from individuals who knowingly and voluntarily consent to provide, or who do not avail themselves of an opportunity to opt out of providing, such data for use by a City department;

(b) social media sites or news monitoring and news alert services;

(c) a body-worn camera;

(d) a camera installed in or on a police vehicle;

(e) a camera installed in or on any vehicle or along a public right-of-way used to record traffic patterns or traffic violations or to otherwise operate the transportation system safely and efficiently, including in any public right-of-way;

(f) a camera installed on City property for security purposes;

(g) a camera installed solely to protect the physical integrity of City infrastructure, such as Seattle Public Utilities reservoirs; and

(h) routine patches, firmware and software updates, and hardware lifecycle replacements.

In February, I spoke along side ACLU of Washington lawyers, University of Washington lawyers, and a domestic violence survivor at a public hearing in our state capitol to support an ACLU bill limiting Automatic Licence Plate Readers. Domestic violence survivors’ privacy, specifically their physical location privacy, is paramount to them and their families. Further, many survivors are victims to police men and women, making this under-served population a critical voice in discussions concerning surveillance technologies. At the hearing, A women with incredible courage showed up to educate the committee about her and the other 5,000+ Address Confidentiality Program participants. With permission, below is her testimony.

As content on our website is licensed using Creative Commons, please feel free to use share her testimony to further privacy rights.

Madame Chair, and members of the committee,

I am here today to discuss a part of my life so terrifying that, at times, I have actually contemplated writing a horror movie script.

Please forgive me, but by the end, it will make sense to today’s hearing.

I am here as a participant in the Washington State Address Confidentiality Program, ACP for short.

You will never understand, nor will I ever be able to convey the fear and torment that one individual can deliver. His words are still etched in my mind: “No woman is going to tell me, a man, what to do.” When trying to end a relationship, what I got in return was physical abuse and psychological terror. I would see him outside my home, my work, at my children’s school or stalking me in my rear-view mirror.

At times, he would convey to me each and every way or place he could have killed me that day.

I discovered that he had made duplicate keys of both my home and my car. Changing door locks didn’t matter. He still got inside. He was letting me know that he was in control.

My oldest son and I would eventually bobby trap our doors when we left, to more easily determine if he might be inside when we returned.

And though time, our much-loved pet cats disappeared one by one.

I lived through death and kidnapping threats to my children’s lives. I feared for my own life.

And in utter, desperate fear one night, I called a helpline, told them of my situation, and was advised to leave the state immediately. I did. On their advice, I gave my house keys to a friend, told nobody where I was going, put my kids and some clothes in my car, and drove to a state where I was offered protection.

I thank you so very much WA for the ACP. I no longer have to be afraid. It took me months but I no longer have to fear looking in my rear-view mirror.

This is hopefully the end of my desperate story.

But now, I want you to clearly understand one implication of unrestricted ALPR technology
I am here representing a vulnerable part of society, those who live in domestic violence situations. My ex-boyfriend kept telling me that he had connections to the police department, that there was no place to hide.

What if that was true? What if someone like me, couldn’t hide ever?

With unrestricted and retained ALPR data that becomes a real possibility.

I want you to consider the lives of spouses of law enforcement who might be in a domestic violence situation. My tale of torture existed because my stalker knew where I lived. Please protect your citizens, all your citizens, from potential location abuse. Please put restrictions on ALPR data.

We get excellent coverage in the Seattle Times

Seattle Privacy Coalition hits it big in the Seattle Times. In the paper edition, we are on Page One above the fold! Click the screen shot to see the original article.

seatimes_phil_lee

Seattle’s operating surveillance ordinance still needs fixing

In January 2013, the West Seattle Blog reported on the surveillance cameras being installed along Alki Beach. Their continued coverage of the cameras and wireless mesh radios is well worth a read for a detailed background on this post.

I recently noted that one of the wireless mesh nodes was transmitting, in contradiction of the City’s repeated assurances that the network was “turned off,” while I was attending a protest outside the King County courthouse in City Hall Park near 3rd Ave and Yesler Way. My post to Twitter caught the attention of the Seattle Police Department, who promptly shut off the node and posted a blog entry and tweeted about it. The following tweets appeared on Twitter that day, with much more commentary on the original post (which you can see if you click on the date stamp below.)

Seattle Police officer Sean Whitcomb’s reply on the SPD blotter makes a misleading claim, that “The rogue node, while producing a visible signal, was not being operated.” This isn’t only misleading because radio waves are invisible. They’re also not visible because the Service Set IDentifier (SSID or “network name”) of these mesh nodes gives no indication that they’re operated by the police department. It’s not the sort of thing that a nontechnical person would notice, even if they saw it listed on a computer or mobile device when they were trying to find a wireless network. It’s also misleading to claim that the node was “not being operated”.

The device may not have been switched on intentionally, it may not have seen any active traffic from SPD vehicles or those of other city departments while it was powered on and transmitting, but a claim that it wasn’t operating is the same category of the “non-operational” SPD cameras installed throughout the city. The glowing blue light indicates that power is applied to the cameras, just as the blinking orange and green lights indicate that mesh network nodes have power and some sort of activity. According to the Seattle Police’s definition of “operating”, these networked surveillance cameras aren’t “in use” because the digital video recording system to which they’re attached isn’t capturing any of their video feeds.

However, as Mayor Murray opined in an interview on the matter, the cameras and their mesh network could be switched on if the City decided they were needed for some sort of emergency (the Boston Marathon bombing was mentioned, but any emergency could do). Now, this mayor may have no intention of using these cameras and Seattle’s current police force might not intend to use their mesh network to monitor the movements of every active WiFi and Bluetooth device in the city (see The Stranger’s article You Are A Rogue Device), but we’re a country of laws, not of men.

Seattle should revise its ordinance regarding the installation and use of surveillance equipment. We made recommendations to the city council regarding Ordinance 124142 in March and this matter still needs to be addressed.

The sort of thing we are curious about…

As Seattle Privacy discusses the need for privacy oversight in City Hall, we are interested in both the big policy and governance questions and in the technical details of privacy-sensitive technology. Here is an example of the latter, drawn from city paperwork involving Cascade Networks, Inc., the contractor that installed the police surveillance cameras and mesh radio network in 2012-2013. The radios that make up the mesh network are basically tricked-out, weather-proofed versions of normal Wi-Fi access points. Before the city “turned off” the radios last year, each of them was broadcasting a network ID that you could have seen on your laptop or cell phone alongside Starbucks or the name of your home wireless router.  The specs for the project included requirements about network access and logging:

mesh_spec

In bland technical language, we learn that the network has the following capabilities.

  • It can limit logins to a list of approved users stored in a database.
  • It can identify potential users based on username/password or hardware device IDs.
  • It will keep detailed logs (time, duration, identity, etc.) of client connections.

However, these details raise questions that still have not been answered by the Seattle Police Department or any other city office.

  • What happens if a random passerby with a laptop or cell phone attempts to “associate” with a city access point? The answer to this could have privacy and security implications for both parties.
  • Wi-Fi devices broadcast uniquely identifiable radio beacons; does the city equipment record these beacons, or can it be configured to do so? Authorities in Chicago are planning just such a capability in a potentially intrusive Big Data collection scheme.
  • How long will logs be kept, and who will have access to them? Will they be subject to public records requests?

These are questions that should have been asked and publicly debated at early stages of the planning process. They also quickly become issues of general policy: If data is collected, it will be used by any legal or illegal branch of government whose agents can pick up a phone. To protect privacy, don’t collect sensitive information in the first place.

Below is a link to the source documents, courtesy of Tacoma-based Infowars reporter Mikael Thalen, who discovered them on the Seattle.gov Web site:

http://www.scribd.com/doc/183600279/Port-Security-Video-Surveillance-System-with-Wireless-Mesh-Network-Seattle

Or download the document.