No privacy concerns over Estonia’s eGovernment
Estonia, probably one of the states with the best developed IT infrastructure, went further with digitalizing their citizens data than any other European country dared. With their personal ID cards, citizens can access virtually any data the government, insurances and banks have on them online: social security status, bank loans, land register and even doctors prescriptions. It is even possible to register a new born child online. Of course elections are online as well, just like votes in the parliament. All of this is no problem from a data protection and privacy perspective, says President Toomas Hendrik Ilves. Every personal ID card features a certificate, which can be used for secure communication and encryption of data. More importantly, every time data of a person is accessed, the person gets notified and this event is flagged. This way, abuse is minimised because everyone knows at every point who accessed which information. This wouldn’t be possible with data being available only on papers. The state provides the secure infrastructure for communication and for access to the data. But authentication is independent and thus should ensure that everyone’s data is safe.
Recently, Estonia published the source code of the sever-side software of their e-voting system and asked the public to review it for flaws. The developers themselves say it is secure, however there are still many critical voices against this technology (English translation).
Still, the country could be a role model for many countries world-wide and a good example how the power of new technology can be used while minimising possibilities of abuse. Austria, a country where digitising health data to make the health system more efficient, still causes a huge public, ridiculous debate (English translation), should certainly take a look at this small country in northern Europe.
Video surveillance in citi bikes?
Recently, a blog post by John Powers caused some excitement and confusion. Powers posted an article stating that New York City’s citi bikes have cameras hidden in them, which film traffic as well as the driver. He even quoted a police commissioner who explained that they are used for catching criminals.
However, as it turns out, the story was fake. Citi bikes do not have cameras hidden inside. But it wouldn’t be surprising and is not unrealistic. Especially, since cameras in cars are becoming more common and even modern light posts are becoming more intelligent. Cameras in bikes would help investigate traffic accidents. However, I doubt that they would be useful for anything else and just for this purpose the investment would probably be too high.
Using GPS to hijack ships and crash drones
Satellite navigation systems such as GPS, the Global Positioning System that provides location information for our smartphones and navigation systems, have become a very useful tool in our daily lives. While today we mostly rely on the US GPS, built in the 1970s, even Europe, after many delays, will finally have its own system (Russia already has their own called GLONASS).
However, the more we rely on GPS navigation, not only for posting our location on Facebook but for car, plane and ship navigation, the more incidents happen, which show the vulnerability of the technology. In 2012 a drone by the Austrian manufacturer Schiebel crashed in South Korea, killing an engineer. It was believed back then that this happened in connection with GPS signal jamming by North Korea, which caused navigation problems in the past. This adds to other drone vulnerabilities discovered in recent years, such as unencrypted video feeds.
Now, students of the University of Texas showed in an experiment how they could hijack a Yacht using GPS spoofing without any crew member noticing (similar to what Iran claimed to have done in 2011). They achieved this by creating a fake GPS signal and slowly increasing its signal strength until the ships automatic navigation system completely relied on this signal. Then, they slowly changed the signal to make the Yacht believe it is off course and to correct for it. Here is a description about the method:
Masking by blinding: The IR headband
A work during a film festival in Stuttgart / Germany a few years back offered another interesting idea for countersurveillance. The device called I-R A.S.C. basicly consists of a headband and infrared LEDs. The headband can be worn in public like any other accessory. But since the LEDs work in the infrared range of the light spectrum, humans do not see the light it is emitting. However, video surveillance cameras, which work with IR filters during the night, are blinded and the face of the person wearing it is not recorded. This is a surprisingly simple yet effective solution if one would not like to be recorded by a camera. Please note that during the day probably most cameras are in day mode and do not work with IR light. So don’t get too comfortable.
Camover: Vandalism is no game
In the “fight” against video surveillance, a new type of real-world game was recently invented in Berlin/Germany: Camover. And the rules are quite straight forward: Destroying as many video surveillance cameras as possible, filming the act and uploading it to YouTube. While not required, it is recommended to conceal your identity while filming. The game ends on 19 February; the day the 16th European Police Congress starts in Berlin (Anonymous Austria initiated a similar operation recently as well). One might think of this game as a valid method to fight suppression, surveillance and intrusion into our privacy. However, I think it should be seen as what it is: Pure vandalism, which will not change a thing. The cameras will be replaced with new, state-of-the-art megapixel cameras. In the end, it is we, the tax payers, who will have to pay for the damage done. Video surveillance in public is not necessarily a bad thing, especially if we look at some recent “success stories” in Austria, where crimes were solved using video surveillance. And I know of not one case, where video surveillance in the public has been abused (yet). Having said that, making sure that abuse is not possible and that our right to privacy is not tampered with, is a main concern of mine. This can for example be achieved by creating feasible laws and by new technology, which has been built with privacy by design in mind. But destroying cameras is definitely no solution.
Related articles
- This Game Awards You Points For Smashing Real World Cameras (kotaku.com)
- Berlin activists create CCTV-smashing street game (boingboing.net)
- Anti-surveillance activists turn smashing CCTV cameras into a competitive game (theverge.com)
- Camover – Fighting the System with Gamification (urbantimes.co)
“Anti-drone city” to protect from attacks
Following my recent post about the anti-drone hoodie, the work of Asher J. Kohn is worth mentioning. He drafted an architectural concept for an “anti-drone city“, which uses several technological tricks to defend against detection from drones. Towers, which change heat patterns are used to confuse thermal detection systems. Windows made out of LED screens project changing patterns to produce false detections. Displays in the courtyard show QR patterns and fake shadows.
All deflection systems used are meant to confuse completely autonomous military drones to draw attention away from humans. However, as soon as a human is in the loop and looks at the drone’s camera images all this effort is worthless. Further, the concept is targeted at military applications and thus is basically another defence system for war zones.
I believe that anything developed to save human lives is a good effort. But concepts that can protect individuals from urban, every-day drone surveillance are worth thinking of as well. For example, wouldn’t it be interesting to develop a kind of opt-out surveillance system? To define a standard, in which individuals can choose if they want to be seen or not? Similar to location tracking on smart phones. Individuals, who do not want to be tracked would be left out of the image (e.g. by pixelating them or replacing them with an avatar). Of course, this system could be overruled for Police use but it would protect us from private drone surveillance in the future. It would be a good compromise between growing drone usage and the protection of our privacy. I believe, these ideas are worth developing further.