Surveillance State

Dear Readers,

I'll be taking the summer off from blogging here at Surveillance State.

On May 5, I started a summer internship at the American Civil Liberties Union of Northern California. I want to avoid any possible conflict of interest regarding my blog posts, and so the simplest solution is to not blog.

In early September, I move to Boston to begin a 1 year student fellow position at the Berkman Center for Internet and Society at Harvard Law School. I fully expect to begin blogging again as soon as I get to Boston.

See you in a few … Read more

Updated on 5/19/08 with comment from RealPlayer (see below)

Users of YouTube and other video-sharing sites could face $750 per clip penalties if they have watched a video that was uploaded without the copyright holder's permission.

Copyright infringement in the United States strict liability offense. What this means, is that users are liable when they illegally copy works, even if they're not aware that this is wrong, or that the work is protected by copyright.

As an example, let us consider the popular video sharing website YouTube.

Every week, 6 days after the show airs, HBO … Read more

Over the past few weeks, things have heated up again in Lebanon, with the U.S.-backed government on one side and the Syrian-backed Hezbollah on the other.

To many U.S. observers, this might be just another case of tensions flaring up in the Middle East. Do not be fooled. This is all about telecommunications policy--and the design of secure, attack-resistant data networks.

But first, a bit of background. Hezbollah and Israel have been at war for some time. In an effort to stop Hezbollah's guerrilla fighters from communicating, Israel has in the past jammed the cell phone … Read more

The United Kingdom has the most surveillance cameras per capita in the world. With the recent news that CCTV cameras do not actually deter crime, how can the local town councils justify the massive surveillance program? By going after pooping dogs.

In a recent interview with The Guardian, the head of the Metropolitan Police's Visual Images Office explained the failings of CCTV:

"Billions of pounds has been spent on it, but no thought has gone into how the police are going to use the images and how they will be used in court. It's been an utter … Read more

A new IRS Web site that allows taxpayers to check on the status of their refund checks could lead to users being phished.

The new "Where's my stimulus payment?" site asks taxpayers to enter in their Social Security number, and a few other trivial bits of information before informing the user of the amount of their refund, and the date it will be sent out.

While no doubt useful, this Web site sets a horrible example, and encourages dangerous behavior by users. Furthermore, in the hands of someone who knows the last four digits of a taxpayer'… Read more

There is no right to privacy at international borders. For those of us with laptops, this presents a pretty major problem: How do we get through U.S. Customs with our beloved portable devices, without having Uncle Sam peeking at every e-mail we've sent, every MP3 we've listened to, and every "home movie" we've made?

The obvious solution, encryption, is not enough. Non-Americans have no right to enter the U.S. Don't want to hand over your encryption keys? No problem--but you will be put on the next airplane back to your home country (… Read more

The Transportation Security Administration is joining the 21st century. Just 5 years after security experts first outlined methods for faking boarding passes (and 2 years after the FBI raided my home for automating the process), TSA is finally testing out technology to neutralize this security threat. The only problem? The new authenticated boarding passes lay the groundwork for a surveillance state, enforceable all-points-bulletins, and most scary of all, data discrimination.

Can TSA be trusted to do the right thing?

For the last 4 months, Continental Airlines and TSA have been running a pilot project, which permits passengers to pass through security … Read more

A few weeks ago, I brought you news that Indiana's Governor had signed into law HB 1197, a data breach and encryption bill that I worked on.

What I have not revealed, up until now is the coercion and arm-twisting that accompanied the passage of this bill. While the details may not surprise jaded readers, it certainly gave me a reason to dislike the entire process, as well one particular power-tripping legislator. Now that the bill, albeit a significantly slimmer version, has become law, I'm free to tell the story.

As regular readers of this blog know, I … Read more

European regulators sent shock-waves through the search engine industry earlier this week, when they proposed significantly tighter rules for logging data. If the EU adopts the proposed rules, Google, Yahoo and Microsoft will have to significantly reduce the amount of time they keep identifying search logs, and will have to start treating IP addresses as personally identifiable data -- something that Google has been particularly vocal against.

Google has recently engaged in a major public relations effort to try and make a credible argument for keeping log data. The company has trotted out respected employee researchers to try and make … Read more