Surveillance & Society Alerts
I’m far from the only academic studying smart cities and big data-driven urbanism. One of the people who’s most inspired my work (in many ways) over the years, is Rob Kitchin – sometimes I even spell his name right! Rob has this fantastic new book, The Data Revolution, coming out in September from Sage, and very helpfully he has put the bibliography, and a lot of other stuff, online. This is the way scholarship should be. Too many of us still guard our ‘secret’ sources and keep our work-in-progress close to our chests. But if we want people to read what we do, think and take action, then more open scholarship is the way to go.
Over the last couple of weeks I’ve been working with Michael Vonn of BCCLA on the Ottawa Statement on Mass Surveillance in Canada. This statement was originally crafted on the occasion of the launch of the book Transparent Lives: Surveillance in Canada / Vivre à nu: la surveillance au Canada, at the ‘Politics of Surveillance Workshop’. This event brought together in Ottawa, Canada, May 9-10, 2014, an international group of academics and advocates to debate the various political, legal, social and technological strategies for challenging mass surveillance, protecting civil liberties and advancing democratic rights. I see this as a minimum set of demands that answers the question ‘what do we do?’ and about how Canadian government needs to respond to the Snowden revelations and the new era of big data and ubiquitous surveillance into which we are rapidly and blindly accelerating…
The Statement reads as follows (and you can also read and sign it here) (in English first, and then French):
Ottawa Statement on Mass Surveillance in Canada
We are entering an age of big data and ubiquitous surveillance. We know:
- That governments and private corporations routinely collect and sort massive amounts of personal data for multiple reasons from national security to marketing;
- That there is extensive targeting and profiling of individuals and groups on grounds of race and ethnicity, political and religious views, social class, age, gender, sexual preference and disability;
- That Canadian privacy and data protection laws and regulations are regularly bypassed, undermined or broken, and are inadequate for dealing with information and privacy rights in the age of big data and ubiquitous surveillance.
We the undersigned are agreed:
1. That all levels of government in Canada must fully respect the Canadian Charter of Rights and Freedoms including the right to privacy, freedom of thought and expression, freedom of association and peaceful assembly, and security against unreasonable search and seizure.
2. That all proposals for changes to information and privacy rights must be presented, justified and debated in a transparent manner. No changes to information and privacy rights and statutory privacy law should ever be embedded in omnibus bills or otherwise hidden in legislation relating to other issues.
3. That the extension of ‘lawful access’ regimes allowing government bodies to collect and/or purchase and store personal data without specific judicial permission, should be halted. All such proposed changes must be subjected to tests of necessity, proportionality, minimality and effectiveness, with the burden of proof being on the government. In addition, security vulnerabilities in communications systems must be addressed and fixed rather than exploited by government agencies.
4. That the powers of provincial and federal privacy commissioners should be commensurate with the quasi-constitutional status of privacy law. Commissioners should have extended powers and appropriate financing and staffing, to initiate investigations, as well as react to complaints, and prosecute and fine state bodies and private companies for breaches of that law.
5. That all state security, intelligence, policing and border agencies must be brought fully under proper legal regulation, judicial authorization, transparency and democratic accountability. While it is necessary for the government to have some secrets and conduct some secret activities, this does not mean that these should be governed by secret law or exceptions from law. In particular:
- That government agencies must fully disclose the legal definitions of the terms employed for surveillance, the kind of data they gather and the full justifications for surveillance and data gathering.
- That the government must publically acknowledge all secret international security treaties, agreements and memoranda that require the sharing of personal data, affect free movement and personal security, or place Canadian state surveillance in the service of other sovereign states, international agencies or the private sector.
- That the government must implement the recommendations of the O’Connor Inquiry into the case of Maher Arar1 including the introduction of integrated oversight and review mechanisms.
6. That negotiations for all new international treaties, agreements and memoranda, including international trade agreements, which might affect information and privacy rights, must be transparent, consistent with the Canadian Charter of Rights and Freedoms and privacy law, subject to parliamentary and public scrutiny, and if necessary referred to the Supreme Court.
7. That a full, transparent and participatory public process must begin to create a comprehensive legal framework for information and privacy rights and freedoms, built on the Canadian Charter of Rights and Freedoms and acknowledging the United Nations’ reaffirmation of privacy as a fundamental human right.2
Déclaration d’Ottawa sur la surveillance de masse au Canada
L’époque qui s’annonce sera marquée par les mégadonnées et l’omniprésente de la surveillance. Nous savons :
- Que les gouvernements et les entreprises privées font systématiquement la cueillette et le tri d’énormes quantités de données personnelles pour des raisons variées allant de la sécurité nationale à la commercialisation ;
- Que le ciblage et le profilage des individus et des groupes en fonction de la race, de l’ethnie, de l’opinion politique et religieuse, de la classe sociale, du genre, de l’orientation sexuelle et du handicap est pratique courante ;
- Que les lois et les règlements de protection de la vie privée et des données personnelles sont régulièrement contournées, sapées ou enfreintes, qu’ils sont insuffisants pour faire respecter le droit à la vie privée et le droit à l’information à notre époque de mégadonnées et de surveillance omniprésente.
Nous sommes d’accords pour affirmer:
1. Que tous les paliers de gouvernements du Canada sont tenus de respecter pleinement la Charte canadienne des droits et libertés, y compris le droit à la vie privée, la liberté de pensée, la liberté d’opinion et d’expression, la liberté d’association et de réunion pacifique, et la protection contre les fouilles, les perquisitions et les saisies abusives.
2. Que tout projet de modification aux libertés, au droit à l’information et au droit à la vie privée doit être présentée, justifié et débattu dans la transparence. Aucune modification au droit à la vie privée, au droit à l’information de même qu’aux lois d’accès à l’information et de protection des renseignements personnels ne devrait être insérée dans un projet de loi omnibus ou autrement camouflée au sein d’un projet de loi portant sur d’autres sujets.
3. Que l’extension des régimes dit d’«accès légal» permettant aux organismes publics de recueillir et/ou d’acheter et de stocker des données personnelles sans devoir obtenir d’autorisation et sans forme de supervision doit être arrêtée. Que toute modification de ce type doit être soumise à un examen visant à démontrer sa nécessité, sa proportionnalité, sa minimalité et son efficacité, le fardeau de la preuve incombant à l’État dans chacun des cas. En outre, les failles de sécurité dans les systèmes de communication doivent être corrigées plutôt qu’exploitées par les organismes publics.
4. Que les pouvoirs des commissaires à la protection de la vie privée, tant au niveau fédéral que provincial, devraient correspondre au statut quasi-constitutionnel des lois de protection des renseignements personnels. Les commissaires devraient donc jouir de pouvoirs étendus, d’un financement et d’un personnel permettant de réaliser des enquêtes, de donner suite aux plaintes, ainsi que de poursuivre et de mettre à l’amende les organismes publics et entreprises privées qui enfreignent la loi.
5. Que les services de sécurité, de renseignement, de police et de douane doivent être soumis à une réglementation, une autorisation judiciaire, une transparence et une reddition de comptes adéquates. Bien qu’il puisse être nécessaire pour un gouvernement de tenir des choses secrètes et de conduire des activités dans le secret, cela ne signifie aucunement que de ces dernières doivent être régies par des lois secrètes ou des exceptions à la loi. En particulier :
- Que les organismes publics doivent divulguer entièrement les définitions légales des termes employés pour effectuer de la surveillance, le type de données qu’ils recueillent et les justifications complètes de la surveillance et de la cueillette de données.
- Que le gouvernement doit reconnaître publiquement tous les traités, accords et protocoles qui exigent le partage de données, affectent la libre circulation et la sécurité personnelle ou mettent la surveillance de l’État canadien au service d’autres états souverains, d’autres organisations internationales ou du secteur privé.
- Que le gouvernement doit mettre en œuvre les recommandations de la Commission d’enquête O’Connor sur les actions des responsables canadiens relativement à Maher Arar1, y compris la mise en place de mécanismes intégrés de supervision et d’examen.
6. Que la négociation de tout nouveau traité, accord ou protocole international, y compris dans le cas d’un accord commercial international, qui pourrait avoir une incidence sur le droit à l’information et le droit à la vie privée, doit être transparente, conforme à la Charte et aux lois sur les renseignements personnels, en plus de faire l’objet d’un examen minutieux de la part du public et du parlement et si nécessaire de la Cours suprême.
7. Qu’un processus complet, transparent et ouvert à la participation du public doit commencer à bâtir un cadre juridique détaillé pour les libertés et les droits relatifs à l’information et à la vie privée, reposant sur la Charte et reconnaissant la réaffirmation par les Nations Unies du droit à la vie privée comme droit fondamental de l’être humain.2
Notes de bas de page:
 Résolution adoptée par l’Assemblée générale de l’ONU le 18 décembre 2013. 68/167. Le droit à la vie privée à l’ère du numérique.
Signatures (as of 22/05/2014):
Prof. David Murakami Wood, Dr. Jonathan Obar, Prof. David Lyon, Prof. Ron Deibert, Prof. Micheal Geist, Prof. Andrew Clement, Prof. Leslie Shade, Prof. Benjamin Goold, Dr. Monia Mazigh, Prof. Cindy Blackstock, Dr. Yasmeen Abu-Laban, Prof. David Grondin, Prof. Lisa Austin, Prof. Colin Bennett, Prof. Elena Razlogova, Prof. Christine Bruckert, Prof. Gabriella Coleman, Dr. Andrea Slane, Prof. Teresa Scassa, Prof. David Phillips, Prof. Maritza Felices-Luna, Prof. Martin French, Prof. Ian Goldberg, Prof. Randal Marlin, Prof. Laureen Snider, Prof. Valerie Steeves, Prof. Lori Stinson, Prof. Bryan Sacks, Prof. Dwayne Winseck, Prof. Benjamin Muller, Shawna Finnegan, Nadim Kobeissi, Sharon Polsky, Steve Chapman, Mathieu Gauthier-Pilote, Annette DeFaveri, Philippe Frowd, Dr. Brenda McPhail, Jennifer Barrigar, Ozgun Topak, Dr. Adam Molnar.
OpenMedia.ca, B.C. Civil Liberties Association, National Council of Women of Canada, Surveillance Studies Centre at Queen’s University, Amnesty International Canada, Canadian Internet Policy and Public Interest Clinic, FACIL, International Civil Liberties Monitoring Group, Privacy and Access Council of Canada, National Council of Canadian Muslims, Privacy International, North American Association of Independent Journalists, Free Dominion, B.C. Library Association, B.C. Freedom of Information and Privacy Association, Pirate Party of Canada, Canadian Civil Liberties Association.
I’ve always defended the right to photograph in public places. However, a number of cases in the last few weeks are highlighting an important new development in this area, a new front in the increasingly confusing information wars. Gary Marx always like to say that surveillance is neither good nor bad but that intent, circumstances, and effects make it so, but a growing number of people and organizations seem to be treating surveillance – or at least watching, and certainly not all watching is surveillance – as a right which supersedes rights to privacy. We’ve seen this in the case of Google Glass – even before it was launched commercially – and more recently with the arguments over the ‘right to be forgotten’ in Europe, with personal privacy being counterposed to freedom of information and actions to protect privacy being compared to censorship. It’s all somewhat reminiscent of Dave Eggers’ novel, The Circle, in which a Facebook-Google-Apple-a-like company completely turns around social values until, as one of the corporate slogans has it, “PRIVACY IS THEFT!”
The latest case is that of the use of drones / micro-UAVs / MAVs in the USA. The Federal Aviation Authority (FAA), the government body that controls US airspace, is trying to regulate the use of drones and has attempted to fine commercial drone operators who fly surveillance drones without their permission. The case revolves around one Robert Pirker, who used an unlicensed drone to film a promotional video back in 2011. At the moment the FAA is appealing against the National Transportation Safety Board (NTSB), who rule that it could not fine Pirker as it did have jurisdiction over small drones. Now the media has weighted in on Pirker’s side, arguing that the FAA’s stance infringes the first amendment and creates a ‘chilling effect’ on journalism.
I’m really not sure about either argument. On the FAA side, this is partly about a bureaucracy trying to keep control of its regulatory territory as much it is about the object of the regulation – the FAA does not want to be seen to be losing control just as the number of small drones is increasing massively.
On the other side, is this really about the rights of journalists? Pirker was making a commercial film not covering a story, and the effect of the FAA’s ruling being overturned is more likely to open the door to a corporate free-for-all, an absurd PKDickian world of drones as far as the eye can see, with all the attendant crashes and legal battles, could result. Think not? Well, back in the 1900s, people thought there would never be that many cars on the roads either… so it is certainly it is partly about their mandate, i.e. air safety.
The big question here, as with Google Glass and with Search, is whether technological change makes a difference. Is a flying camera just the same as a hand-held camera? Does the greater potential for intrusion, or on the other hand the inability to know that one is being filmed, matter? Does that possibility that ‘the truth’ will be revealed justify any technological method used to obtain it? If not, which ones are acceptable, whereis the line drawn, and who decides and how? In the UK, the ‘public interest’ would be a good basis for deciding, as has been frequently alluded to in the Leveson Inquiry into telephone tapping conducted by Murdoch-owned newspapers, however ‘public interest’ is a much vaguer term in the USA… what is certain is that conflicts around the ‘right to watch’ versus the ‘right to privacy’ and other human rights and social priorities are only going to intensify.
While Viktor Mayer-Schönberger is arguing today both that there’s really not a lot new to the European Court of Justice decision to order Google to adjust its search results to accommodate the right to privacy for one individual and that it really won’t be a problem because Google already handles loads of copyright removal requests very quickly, the decision has also sparked some really rather silly comments all over the media, usually from the neoliberal and libertarian right, that this is a kind of censorship or that it will open the door to states being able to control search results.
I think it’s vital to remember that there’s really an obvious difference between personal privacy, corporate copyright and state secrecy. I really don’t think it’s helpful in discussion to conflate all these as somehow all giving potential precedent to the other (and I should be clear that Mayer-Schönberger is not doing this, he’s merely pointing out the ease with which Google already accommodates copyright takedown notices to show that it’s not hard or expensive for them to comply with this ruling). State attempts to remove things that it finds inconvenient are not the same as the protection of personal privacy, and neither are the same as copyright. This decision is not a precedent for censorship by governments or control by corporations and we should very strongly guard against any attempts to use it in this way.
Google algorithms already do a whole range of work that we don’t see and to suggest that they are (or were) open, free and neutral and will now be ‘biased’ or ‘censored’ after this decision is only testament to how much we rely on Google to a large extent, unthinkingly. This is where I start to part company with Mayer-Schönberger is in his dismissal of the importance of this case as just being the same as a records deletion request in any other media. It isn’t; it’s much more significant.
You are sill perfectly free to make the effort to consult public records about the successful complainant in the case (or anyone else) in the ways you always have. The case was not brought against those holding or even making the information public. What the case sought to argue, and what the court’s verdict does, is to imply that there are good social reasons to limit the kind of comprehensive and effortless search that Google and other search engines provide, when it comes to the personal history of private individuals – not to allow that one thing that is over and one to continue to define the public perception of a person anywhere in the world and potentially for the rest of their life (and beyond). Something being public is not the same as something being easily and instantaneously available to everyone forever. In essence it provides for a kind of analog of the right of privacy in public places for personal data. And it also recognizes that the existence and potentials of any information technology should not be what defines society, rather social priorities should set limits on how information technologies are used.
Personally, I believe that this is a good thing. However, as the politics of information play out over the next few years, I also have no doubt that it’s something that will be come up again and again in courts across the world…
PS: I first wrote about this back in 2011 here – I think I can still stand behind what I though then!
A small start-up called Solar Roadways is seeking funding to commercialize what looks like a revolutionary idea – smart roads made of glass that generate power, can be programed with all the usual information that roads have now (and more) and which stay clear in winter (though micro-heating elements). It’s one of those inventions that looks amazing but of courses raises a lot of questions: what is the EROI (energy return on investment – i.e. will they actually use more energy to construct and maintain than they generate)? What is the longer-term lifespan of the elements? And does the ‘two-way communication’ capacity of these roads mean that all roads would also be automated surveillance devices – and is that a problem?
Privacy International has produced a much-needed survey of the state of the surveillance industry, following its other excellent report on the use of development aid to push surveillance technologies on developing countries. The British government’s response, voiced by the Chair of the Parliamentary Committee on Arms Export Controls, Sir John Stanley, has been a typically limp one, largely concerned with the possibility of such systems being sold to ‘authoritarian regimes’ yet blustered and talked of ‘grey areas’ when it came to Britain’s responsibility for this trade.
But this is all way too little too late. I warned of the danger of the increased technological capabilities and decreasing costs of ‘surveillance-in-a-box’ systems as far back as 2008 (see my post here which refers to that). Instead of taking horizon-scanning and pre-emptive action to limit this, Britain, the USA and many other states have encouraged this trade with state aid – as they have with military and security industries more broadly – and, not least, encouraged the use of surveillance on a global scale themselves. Their own extensive breaches of human rights through programs like PRISM and TEMPEST give them no real moral high ground to talk about what authoritarian regimes might do, when they are already pursuing the same actions.