I'm reading her book The Silent State at the moment, which is a real eye-opener.

Schools 'break law' to spy on pupils

Pupils are monitored by CCTV cameras as frequently as inmates in prisons and passengers at airports, research shows

• Jessica Shepherd
• guardian.co.uk, Monday 15 March 2010 14.19 GMT
• Article history

Young people are being stripped of basic liberties, says researcher. Photograph: Alamy

 

Most schools in the UK are probably breaking the law by failing to alert students to the scores of cameras capturing their conversations and movements in playgrounds and classrooms, a study has claimed.

Cory Doctorow at 10:26 AM March 15, 2010

In this two-year-old classified Army Counterintelligence Center report (hosted on wikileaks.org, where else?), American spooks set out to destroy Wikileaks by intimidating its sources. They cite as justification for this the fact that Wikileaks has outed American embarrassments and crimes including "US equipment expenditure in Iraq, probable US violations of the Chemical Warfare Convention Treaty in Iraq, the battle over the Iraqi town of Fallujah and human rights violations at Guantanamo Bay."

The governments of China, Israel, North Korea, Russia, Thailand, Zimbabwe, and several other countries have blocked access to Wikileaks.org-type Web sites, claimed they have the right to investigate and prosecute Wikileaks.org and associated whistleblowers, or insisted they remove false, sensitive, or classified government information, propaganda, or malicious content from the Internet. The governments of China, Israel, and Russia claim the right to remove objectionable content from, block access to, and investigate crimes related to the posting of documents or comments to Web sites such as Wikileaks.org. The governments of these countries most likely have the technical skills to take such action should they choose to do so

Wikileaks.org uses trust as a center of gravity by assuring insiders, leakers, and whistleblowers who pass information to Wikileaks.org personnel or who post information to the Web site that they will remain anonymous. The identification, exposure, or termination of employment of or legal actions against current or former insiders, leakers, or whistleblowers could damage or destroy this center of gravity and deter others from using Wikileaks.org to make such information public.

Wikileaks.org - An Online Reference to Foreign Intelligence Services, Insurgents, Or Terrorist Groups?

While catching up on local news, I was shocked to read that a school near my home town of Worcester has installed CCTV in the children's toilets.

I wasn't shocked that it happened, because I have read so many stories recently about people in low level positions of authority who assume they have a 'right to spy' that trumps any else's right to privacy. What shocked me was the headline itself. It didn't say "Headmaster arrested for installing CCTV in children's toilets", or "Headmaster resigns after being caught installing CCTV in children's toilets." It didn't even say "Headmaster apologises after installing CCTV in children's toilets." Instead the headline was a plain and unadorned "Chelmsley Wood school puts CCTV in pupil toilets."

It's time for us to decide what sort of world we want our children to grow up in. Do we want them to learn by example that privacy is not a basic human right, or a guiding principle that the law proudly upholds, but a forgotten dream? Or is it time to say enough is enough?

We are in danger of sleepwalking into a surveillance state. The school may not have broken any law, but that does not mean that we must accept this as just the latest step in the unstoppable erosion of our right to privacy. I believe it means that a law that sets reasonable, clearly defined limits on this sort of spying is long overdue. Unless we have that law, we will be powerless against the likes of Steve Chase, chief executive of Grace Academy, and his omnipresent cameras. He said, with no hint of sarcasm that the Sunday Mercury mentioned in their report, that the cameras were fitted 'due to health and safety concerns'.

I believe that we need to protect our children from the likes of Steve Chase. If you believe that too, then it's time to vote Pirate.

Schneier: CCTVs don't make us safer

By Cory Doctorow at 5:12 AM February 26, 2010

Bruce Schneier has written an outstanding essay for CNN on why sticking CCTV cameras on every corner doesn't make us safer, and can make us less safe by opening us up to abuse, and by causing police resources to be misallocated. This is required reading for the twenty-first century. Bruce points out that where there's a specific threat in a specific place -- casinos worried about cheats, shops worried about shoplifters, parking garages worried about skulking muggers -- CCTVs have some use. But as a catch-all solution to crime, they just don't work well enough to justify their expense in resources and liberty.

Pervasive security cameras don't substantially reduce crime. This fact has been demonstrated repeatedly: in San Francisco, California, public housing; in a New York apartment complex; in Philadelphia, Pennsylvania; in Washington; in study after study in both the U.S. and the U.K. Nor are they instrumental in solving many crimes after the fact.

There are exceptions, of course, and proponents of cameras can always cherry-pick examples to bolster their argument. These success stories are what convince us; our brains are wired to respond more strongly to anecdotes than to data. But the data are clear: CCTV cameras have minimal value in the fight against crime.

Although it's comforting to imagine vigilant police monitoring every camera, the truth is very different, for a variety of reasons: technological limitations of cameras, organizational limitations of police and the adaptive abilities of criminals. No one looks at most CCTV footage until well after a crime is committed. And when the police do look at the recordings, it's very common for them to be unable to identify suspects. Criminals don't often stare helpfully at the lens and -- unlike the Dubai assassins -- tend to wear sunglasses and hats. Cameras break far too often.

Spy cameras won't make us safer

By Jonathan Fildes Technology reporter, BBC News

Hi-tech helps Iranian monitoring The new cyber battlefield in Iran

Euro MPs have "strongly" criticised telecoms firm Nokia Siemens Networks for providing "surveillance technology" to the Iranian authorities.

In a resolution adopted on Wednesday, the MEPs said the hardware was instrumental in the "persecution and arrests of Iranian dissidents".

But Nokia Siemens said that the implication that it had provided censorship technology was "wrong"

It has previously said that it had installed "lawful" technology in 2008.

"We will be clarifying any inaccuracy in their understanding of our business in Iran with the European Parliament," Ben Roome of the firm told BBC News.

Nokia Siemens said the technology that it had installed was similar to that used "in all EU member states and the US".

Mr Roome stressed that the technology not used to monitor, filter or censor the internet.

"When you set up a modern network - as an operator - if you want a licence to operate you have to have a standard surveillance capability in the network," Christina Dinne, also of the firm, said.

Net benefit

Nokia Siemens told BBC News that it had provided "very basic surveillance" capabilities to Iran Telecom in 2008. The product is called Monitoring Centre and can be used to monitor local telephone calls.

"You can't track keywords," said Mrs Dinne.

Google says its Gmail traffic has dropped sharply in Iran

Details of Nokia Siemens activities in Iran first came to light in June 2009 when media reports accused the firm of helping the Iranian government intercept communications.

Technology - such as mobile phones - were widely used in protests following Iran's disputed election.

"We are, of course, aware of reports from Iran, and condemn any abuse of communication technologies that may have taken place," said Mr Roome.

"We strongly believe that mobile networks enhance individuals' lives, promote transparency, and empower citizens with effective means of feedback.

"In Iran they have clearly played a pivotal role in their ability to communicate, organise, and share their story with the outside world.

However, the MEPS called on the EU to ban similar exports to "governments and countries such as Iran".

The statements were part of a wider resolution that included a call for Iran to "restore the transparency of its nuclear programme".

Iran has said that it has begun a new phase of uranium enrichment at its Natanz plant.

The Iranian president Mahmoud Ahmadinejad announced the country has produced its first batch of uranium enriched to 20% at a rally marking Iran's revolution.

The anniversary is the most important day in Iran's political calendar.

The opposition Green Movement is also trying to stage counter-demonstrations.

In the past these have been coordinated via social networking sites such as Twitter and Facebook as well as through e-mail and mobile phones.

Reports suggest that the internet has been throttled with services such as Google's Gmail service markedly reduced.

EU to assess piracy detection software

Virgin Media will analyse traffic on the BitTorrent network

A human rights watchdog has asked the European Commission to assess the legality of software being used to analyse file-sharing in the UK.

The software in question is called CView and will be used by ISP Virgin Media to identify legal versus illegal traffic on its network.

The EC has said it will monitor the use of the software, following a complaint from Privacy International.

Virgin Media countered that the software posed no risk to privacy.

Privacy International has concerns about the software, designed by monitoring firm Detica.

It utilises so-called deep packet inspection, which means that it can identify actual file-names, making it possible to accurately find out what content is legal and what is not.

According to Alexander Hanff, head of ethical networks at Privacy International, use of such software is in breach of current UK law.

"Under the Regulation of Investigatory Powers Act (Ripa) intercepting communications is a criminal offence regardless of what you do with the data," he said.

Mr Hanff said he would file a criminal complaint if Virgin Media deployed CView.

He said the software is similar to that used by ad firm Phorm, which developed technology to monitor individual's web use in order to better target adverts.

Trials of the technology in the UK have been put on hold while the EC investigates how it was tested.

Legal service

The UK government is in the process of creating legislation that could see illegal file-sharers identified and, potentially, thrown off the network.

But this software will not do that job, said a spokesman for Virgin Media.

"It was never designed to capture identities. This isn't an answer for that," said Asam Ahmad.

Instead the software will be used to identify how much traffic on its network is illegal.

"We want to understand what we can do to reduce illegal file-sharing. This will tell us things such as the name of the top ten tracks being shared as well as the percentage of legal versus illegal," said Mr Ahmad.

Virgin Media is about to launch its own music service.

'Double-edged'

Mr Ahmad said no date had yet been set for the trial but told BBC News it will monitor traffic on three peer-to-peer networks notorious for trading illegal as well as legal software; Gnutella, eDonkey and BitTorrent.

He admitted that potentially 40% of Virgin Media's customers could have their data scrutinised and confirmed that it has no plans to inform them beforehand.

He also conceded that it would not be technically difficult to link up deep packet inspection technology with the IP addresses which would identify individuals but stressed that was not the plan currently.

"These mandates have not yet been set and when it comes down to identifying individuals or prosecuting them, that is a role for content providers, not us," he said.

Virgin Media is involved in an ongoing education campaign, which includes sending letters to those identified as downloading illegal content on its network.

Andrew Ferguson, editor of broadband news site ThinkBroadband, said the trial could be "double-edged".

"If Virgin can form a baseline for its 'illegal' P2P traffic, it can see how much effect any legislation has, and perhaps plan better for the letter forwarding side of things," he said.

But he pointed out that Virgin Media is not alone in using deep packet inspection - BT has been doing it for years, he said.

"It is possible they may be doing exactly what Virgin are doing," he said.

Justice department to accuse FBI of invoking crises to obtain details of more than 2,000 calls, Washington Post reports

• Chris McGreal in Washington
• guardian.co.uk, Tuesday 19 January 2010 20.06 GMT
• Article history

The US justice department is preparing a report which concludes that the FBI repeatedly broke the law by invoking terrorism emergencies that did not exist to obtain more than 2,000 telephone call records over four years from 2002, including those of journalists on US newspapers, according to emails obtained by the Washington Post.

The bureau also issued authorisations for the seizure of records after the fact, in order to justify unwarranted seizures.

The Washington Post said the emails show how counter-terrorism ­officials inside FBI headquarters breached regulations designed to protect civil liberties.

The FBI's general counsel, Valerie Caproni, told the Washington Post that the agency violated privacy laws by inventing non-existent terrorist threats to justify collecting the phone records. "We should have stopped those requests from being made that way," she said.

Caproni said that FBI's issuing of authorisations after the fact was a "good-hearted but not well thought-out" move to give the phone companies legal cover for handing over the records.

After the 9/11 attacks, the USA patriot act greatly expanded the government's ability to monitor American citizens, including increased access to their phone calls with the approval of lower-level officials than previously allowed. But the authorisation had to be tied to an open terrorism investigation.

The Washington Post said two FBI officers had raised concerns. Special agent Bassem Youssef observed that the necessary authorisations were not being sought before phone records were seized and were sometimes only given later in response to complaints from phone companies. Another official, Patrice Kopistansky of the FBI's legal office, noticed a similar problem. She also raised concerns when she was unable to get investigators to provide her with an open terrorism case to justify issuing relevant authorisation.

The Washington Post reported that Kopistansky and Youssef discussed the worsening "backlog" of cases without the necessary authorisations, or where false claims were made about terrorism emergencies. "I also understand some of these are being done as emergencies when they aren't necessarily emergencies," Kopistansky wrote to Youssef in April 2005.

The FBI subsequently issued a blanket authorisation covering all past searches, although its legality was questioned.

The Washington Post said journalists on the newspaper and the New York Times were among those whose phone records were illegally searched. The FBI later apologised to editors of both papers.

Paul Marks, technology correspondent

We reported last week on plans to enforce copyright law by forcing internet service providers to spy on consumers to detect and report every piece of copied music, movies, e-books, games and software.

Now one UK ISP, Virgin Media, is trialling some of the technology needed to do that on about 1.6 million of its customers.

Provided by Detica, a subsidiary of defence firm BAE Systems, the system is being used to try and gauge the size of the alleged piracy problem. CView, as the system is known, will take a snapshot of the scale of peer-to-peer music transfers over a few months.

It will do so by copying every packet of data that passes by, and looking for the digital signatures of data transferred using the popular bittorrent, gnutella, and edonkey file sharing protocols.

Whenever it finds a data packet that matches, it will extract the code these protocols use to identify the contents of the packet.

CView will then compare that code with a database of "musical fingerprints" to identify any music being shared, allowing it to work out if the data packet infringes copyright.

As a result, Virgin will find out how much file-sharing traffic is infringing copyright, and what the most-pirated tracks and albums are, the Register reports.

CView won't be able to finger individual users, because the IP addresses that identify each computer's connection will be stripped from every packet. But some Virgin customers are worried about the potential for it to be used for snooping at a later date.

CView's technology could conceivably be used to identify people accessing certain data, for example.

Or it could block certain content, in much the same way as China's "great firewall".

The anonymisation of the data in Virgin's assessment phase, and the fact that no humans see it, should mean the technology does not count as illegal interception, says Richard Clayton at the University of Cambridge's security lab.

But he says on the security group's blog that "it may take some case law before anyone can say for sure".