Presentation is loading. Please wait.

Presentation is loading. Please wait.

Copyright 1988-2008 1 Roger Clarke Xamax Consultancy, Canberra Visiting Professor – Cyberspace Law & Policy UNSW and at ANU and the Uni. of Hong.

Published byKaitlyn Reynolds Modified over 10 years ago

Similar presentations

Presentation on theme: "Copyright 1988-2008 1 Roger Clarke Xamax Consultancy, Canberra Visiting Professor – Cyberspace Law & Policy UNSW and at ANU and the Uni. of Hong."— Presentation transcript:

1 Copyright 1988-2008 1 Roger Clarke Xamax Consultancy, Canberra Visiting Professor – Cyberspace Law & Policy Centre @ UNSW and at ANU and the Uni. of Hong Kong Chair, Australian Privacy Foundation http://www.anu.edu.au/Roger.Clarke/......../DV/YAWYB {.html,.ppt} Location Privacy Seminar – UNSW – 23 July 2008 YOU ARE WHERE YOU'VE BEEN Location Technologies' Deep Privacy Impact

2 Copyright 1988-2008 2 Prologue – 30 Anonymous Days in Spain

3 Copyright 1988-2008 3 Prologue – 30 Anonymous Days in Spain Air-Travel by identified credit-card tx, and Passport presentation at every border-crossing (2) Car-Hire by identified credit-card tx and passport Passport at every Casa Rurale and Hotel (14) Major Purchases (accomm., petrol, sustenance) by identified credit-card or debit-card tx (28) Cash Withdrawals by identified debit-card tx (1) AP (Autovia Peage) (20) Mobile phone (continuous)

4 Copyright 1988-2008 4 You Are Where Youve Been AGENDA Intellectual and Analytical Tools Location and Tracking Identity, Entity and Nymity Privacy and Dataveillance Location and Tracking Technologies Handhelds Motor Vehicles Human Bodies Threats Controls

5 Copyright 1988-2008 5 Concepts of Location and Tracking Location – knowing the whereabouts of something, in relation to known reference points

6 Copyright 1988-2008 6 Concepts of Location and Tracking Location – knowing the whereabouts of something, in relation to known reference points Physical Space, Network Space, Intellectual Space,...

7 Copyright 1988-2008 7 Concepts of Location and Tracking Location – knowing the whereabouts of something, in relation to known reference points Physical Space, Network Space, Intellectual Space,... Precision, Accuracy, Reliability, Timeliness,...

8 Copyright 1988-2008 8 Concepts of Location and Tracking Location – knowing the whereabouts of something, in relation to known reference points Physical Space, Network Space, Intellectual Space,... Precision, Accuracy, Reliability, Timeliness,... Tracking – knowing the sequence of locations of something over a period of time

9 Copyright 1988-2008 9 Concepts of Location and Tracking Location – knowing the whereabouts of something, in relation to known reference points Physical Space, Network Space, Intellectual Space,... Precision, Accuracy, Reliability, Timeliness,... Tracking – knowing the sequence of locations of something over a period of time Real-Time-Tracking

10 Copyright 1988-2008 10 Concepts of Location and Tracking Location – knowing the whereabouts of something, in relation to known reference points Physical Space, Network Space, Intellectual Space,... Precision, Accuracy, Reliability, Timeliness,... Tracking – knowing the sequence of locations of something over a period of time Real-Time-Tracking Retrospective Tracking

11 Copyright 1988-2008 11 Concepts of Location and Tracking Location – knowing the whereabouts of something, in relation to known reference points Physical Space, Network Space, Intellectual Space,... Precision, Accuracy, Reliability, Timeliness,... Tracking – knowing the sequence of locations of something over a period of time Real-Time-Tracking Retrospective Tracking Predictive Tracking

12 Copyright 1988-2008 12 Concepts of Location and Tracking Location – knowing the whereabouts of something, in relation to known reference points Physical Space, Network Space, Intellectual Space,... Precision, Accuracy, Reliability, Timeliness,... Tracking – knowing the sequence of locations of something over a period of time Real-Time-Tracking Retrospective Tracking Predictive Tracking Associative Tracking

13 Copyright 1988-2008 13 Names Codes Roles Identity and Identifier

14 Copyright 1988-2008 14 The Entity/ies underlying an Identity

15 Copyright 1988-2008 15 Entity and Entifier

16 Copyright 1988-2008 16 Nymity

17 Copyright 1988-2008 17 Privacy The interest that individuals have in sustaining a 'personal space', free from interference by other people and organisations

18 Copyright 1988-2008 18 Privacy The interest that individuals have in sustaining a 'personal space', free from interference by other people and organisations Dimensions of Privacy The Physical Person Personal Behaviour Personal Communications Personal Data

19 Copyright 1988-2008 19 Why is Privacy ? Physical Needs Psychological Needs Social / Sociological Needs Economic Needs Political Needs The Philosophical Level

20 Copyright 1988-2008 20 Why is Privacy ? Physical Needs Psychological Needs Social / Sociological Needs Economic Needs Political Needs The Philosophical Level Highly Person-Dependent – Highly Context-Dependent

21 Copyright 1988-2008 21 Privacy Protection Privacy often conflicts with other interests: other interests of the same person interests of another person interests of a group or community interests of an organisation interests of society as a whole

22 Copyright 1988-2008 22 Privacy Protection Privacy often conflicts with other interests: other interests of the same person interests of another person interests of a group or community interests of an organisation interests of society as a whole Privacy Protection is a process of finding appropriate balances between privacy and multiple competing interests

23 Copyright 1988-2008 23 Vehicles for Privacy Protection Categories of Measures: Legal Organisational Technical

24 Copyright 1988-2008 24 Vehicles for Privacy Protection Categories of Measures: Legal Organisational Technical Secrecy Data Silo'ing Identity Silo'ing Nymity

25 Copyright 1988-2008 25 The Vacuousness of Data Protection Laws FIPs (Fair Information Practices) were designed for administrative convenience OECD Guidelines were designed to protect businesses from inconsistent national laws Exceptions, Exemptions, Loop-Holes Over-Rides and Small-Print Authorisations 1980 Provisions for 1970s Computing A Privacy Commissioner whose duty is to protect government and business, not privacy

26 Copyright 1988-2008 26 Vignettes of Location and Tracking Technologies V1Handhelds Computers Phones V2Motor Vehicles (specifically ANPR) V3Human Bodies Tightly-Associated RFID Tags Embedded Chips

27 Copyright 1988-2008 27 V1 Handhelds Personal Digital Assistants (PDAs) for computing on the move – for business or personal use, and for text, sound, image and/or video Wifi/IEEE 802.11x / WiMax/802.16x / iBurst Mobile Phones for voice-calls from any location within range of a transceiver connected to the relevant wireless network Analogue Early Digital, e.g. GSM, CDMA Third Generation/3G Digital e.g. GSM/GPRS, CDMA2000, UMTS/HSPA

28 Copyright 1988-2008 28 Location and Tracking of PDAs The primary identifier is generally the IP-Address, which is commonly assigned short-term The router may also have access to a device entifier, such as a processor-id or NIC Id Device entifiers are not tightly linked with the individuals who use each device But Multi-Functional Handsets connect with not only Wifi networks but also cellular networks … And Networks will converge over the next decade

29 Copyright 1988-2008 29 Location and Tracking of Mobiles Inherent There is insufficient capacity to broadcast all traffic in all cells The network needs to know the cell each mobile is in Mobiles transmit registration messages to base-station(s) They do so when nominally switched off or placed on standby What is being tracked: The SIM-card, an identifier The mobile-phone id, an entifier The SIM-card and/or mobile-phone may be registered to a human identity (and may be required by law to be so) The vast majority of handsets are used for long periods with a single SIM-card installed, and by a single person

30 Copyright 1988-2008 30 The Practicability of Location and Tracking Location is intrinsic to network operation () Tracking is feasible, because the handset sends a stream of messages () Real-Time Tracking is feasible if the data-stream is intense and latency is low () Retrospective Tracking is feasible if the series of locations is logged (), and the log is retained () Predictive Tracking is feasible if the data-stream is intense and latency is low () Associative Tracking is feasible if data-streams are intense and precision is high ()

31 Copyright 1988-2008 31 The Precision of Handset Location Intrinsically, the Cell-Size: 1km-10km radius for Mobile non-CBD 100m radius for Wifi & CBD Mobile Potentially much more fine-grained: Directional Analysis Differential Signal Analysis Triangulation Self-Reporting of GPS coordinates

32 Copyright 1988-2008 32 The Accuracy and Reliability of Handset Location Directional Analysis The Case of the Cabramatta Murder Conviction Differential Signal Analysis A Wide Array of Error-Factors Triangulation Multiple Transceivers Multiple Error-Factors Self-Reporting of GPS coordinates Highly situation-dependent, and unknown Dependent on US largesse, operational requirements

33 Copyright 1988-2008 33 The Case of the Cabramatta Murder Conviction In 1994, a NSW MP, John Newman, was murdered In 2001, Phuong Ngo was convicted, sentenced to life in prison, 'never to be released', and is in solitary in a maximum-security prison In July 2008, after further pressure (from an ANU law academic and Four Corners), the NSW Chief Justice commissioned a formal review

34 Copyright 1988-2008 34 The Case of the Cabramatta Murder Conviction In 1994, a NSW MP, John Newman, was murdered In 2001, Phuong Ngo was convicted, sentenced to life in prison, 'never to be released', and is in solitary in a maximum-security prison In July 2008, after further pressure (from an ANU law academic and Four Corners), the NSW Chief Justice commissioned a formal review The conviction depended heavily on mobile-phone location evidence This made assumptions about the precision of directional analysis The evidence went unchallenged It appears to have been materially misleading

35 Copyright 1988-2008 35 Location and Tracking Technologies V2 Motor Vehicles Vehicles can be monitored in various ways, e.g. Manual Inspection of VINs, registration plates Passive RFID-tags passing control-points On-Board Transmitters, with self-reporting of GPS-based or other coordinates Vehicle Registration Data can be monitored: Cameras were wet chemistry, are now digital Extraction was manual, is now automated

36 Copyright 1988-2008 36 Automated Number Plate Recognition (ANPR)

37 Copyright 1988-2008 37 Automated Number Plate Recognition (ANPR) A Digital Camera Captures an image of a motor vehicles 'number' plate Software Extracts the registration data (numbers, letters, perhaps other data such as colour and jurisdiction identifiers) (Maybe) List(s) of Numbers Being Sought So that the extracted data can be compared with it Transmission Facilities Send the extracted data and perhaps other data elsewhere

38 Copyright 1988-2008 38 ANPR for (1) User-Pays Charging Transport infrastructure can be paid for centrally, or by the users of the resources It's attractive to extract revenue for: on-street parking use of space in garages and parking stations use of toll-roads use of congested areas such as inner-cities Reliable and inexpensive payment is needed Controls are needed over non-payers

39 Copyright 1988-2008 39 User-Pays Control Mechanism

40 Copyright 1988-2008 40 Privacy Threats in User-Pays Road Transport Denial of Anonymous Travel (no cash booths, no or inconvenient non-identified payment) Error Re the Registration Data: Indiscriminate Collection (i.e. all vehicles not just non-payers) Retention not Early Destruction Availability for Exploitation Availability for Disclosure

41 Copyright 1988-2008 41 Privacy-Sensitive Architectures are Feasible A simple example: Vehicle Registration Data could be retained for the duration of the trip only The payment tag could be issued, electronically, with a Receipt Number The operator could store the facility usage data that gave rise to the charge in combination with the Receipt Number, not the Registration Data But Privacy-Sensitive Architectures are not implemented

42 Copyright 1988-2008 42 ANPR for (2) Law Enforcement Traffic Administration. Detection and interception of Unregistered Vehicles, and of Vehicles owned by people whose driving licences are currently suspended Traffic Law Enforcement. Detection and prosecution of Offences, e.g. running red lights driving at a point-in-time speed in exceed of the speed limit ?driving at an average speed in excess of the speed limit ?Public Safety. Deterrence of unsafe practices (e.g. speeding, driving unregistered vehicles, driving unlicensed) ??Criminal Law Enforcement. Detection and interception of vehicles reported stolen, or associated with 'wanted people'

43 Copyright 1988-2008 43 Appropriate 'Blacklist in Camera' Architecture

44 Copyright 1988-2008 44 ANPR for (3) Mass Surveillance Indiscriminate collection Long retention Data Mining to generate suspicions All Australian Police Forces are adopting this approach, and are being aided and abetted by the Clth (Crimtrac)

45 Copyright 1988-2008 45 ANPR Quality Alliances of purveyors and purchasers suggest that registration data extraction is accurate and reliable But: Very little evidence is publicly available There appear to have been no independent tests Many factors reduce reliability, incl. the state of the registration plates, of the camera lens and of the light-path The extraction is by its nature 'fuzzy', and confidence threshholds have to be set Reliable extraction of the registration data may be as low as 70% even under favourable conditions

46 Copyright 1988-2008 46 Location and Tracking Technologies V3 Human Bodies Location and Tracking requires a chip-set and an associated transceiver, antenna and power-source The most relevant technology/ies: contactless smartcards radio-frequency identification (RFID) near field communications (NFC) Carriers – 'plastic cards', 'RFID tags', handsets Alternative Carrier 'Form-Factors': Adornments – wrist-watches, brooches, belt-buckles, body-piercings (ear, nose, navel, tongue) Tightly-Attached RFID Tags (Wristlets, Anklets) Embedded Chips (hand, arm, tooth-enamel, gums,...)

47 Copyright 1988-2008 47 Chips for Goods Monitoring

48 Copyright 1988-2008 48 Monitoring of Animal-Attached Chips

49 Copyright 1988-2008 49 Monitoring of Animal-Embedded Chips

50 Copyright 1988-2008 50 Continuous Monitoring of Chips

51 Copyright 1988-2008 51 Categorising Surveillance (1)Of What? Person, Object, Space (2)For Whom? Person, Involved Party, Third Party (3) By Whom? Person, Involved Party, Third Party (4) Why? Wellbeing, Evidence, Deterrence (5) How? Physical (visual, aural, at distance, auto-surveillance) Dataveillance (retrospective, real-time, predictive) Communications / Experience Personal / Mass Surveillance (6) Where? Physical, Virtual, Intellectual (7) When? Once, Recurrent, Scattered, Continuous

52 Copyright 1988-2008 52 Voluntary? Consensual? Coerced? Imposed? Voluntary e.g. individuals who are concerned about being kidnapped Consensual e.g. genuinely optional use to locate people within a campus Coerced 'an offer you couldn't refuse', e.g. a condition of a job or a promotion Imposed, e.g. on employees by powerful employers such as the military on various categories of institutionalised individuals prisoners on parole prisoners within low-security facilities prisoners within conventional gaols people on remand (charged, untried, may be a flight risk) the frail aged, especially those suffering senile dementia babies in neo-natal wards unconscious patients during operational procedures

53 Copyright 1988-2008 53 Potential Impacts of Location and Tracking Chilling Effect on: Terrorism Crime Sociopathic Behaviour Chilling Effect on: 'Anti-Social Behaviour' Creative Behaviour Dissidence Travel Association Denial of: Service Travel Identity

54 Copyright 1988-2008 54 Counterveillance Principles 1.Independent Evaluation of Technology 2.A Moratorium on Technology Deployments 3.Open Information Flows 4.Justification for Proposed Measures 5.Consultation and Participation 6.Evaluation 7.Design Principles 1.Balance 2.Independent Controls 3.Nymity and Multiple Identity 8.Rollback

55 Copyright 1988-2008 55 You Are Where Youve Been AGENDA Intellectual and Analytical Tools Location and Tracking Identity, Entity and Nymity Privacy and Dataveillance Location and Tracking Technologies Handhelds Motor Vehicles Human Bodies Threats Controls

56 Copyright 1988-2008 56 Roger Clarke Xamax Consultancy, Canberra Visiting Professor – Cyberspace Law & Policy Centre @ UNSW and at ANU and the Uni. of Hong Kong Chair, Australian Privacy Foundation http://www.anu.edu.au/Roger.Clarke/......../DV/YAWYB {.html,.ppt} Location Privacy Seminar – UNSW – 23 July 2008 YOU ARE WHERE YOU'VE BEEN Location Technologies' Deep Privacy Impact

Download ppt "Copyright 1988-2008 1 Roger Clarke Xamax Consultancy, Canberra Visiting Professor – Cyberspace Law & Policy UNSW and at ANU and the Uni. of Hong."

Similar presentations

Numbers Treasure Hunt Following each question, click on the answer. If correct, the next page will load with a graphic first – these can be used to check.

Numbers Treasure Hunt Following each question, click on the answer. If correct, the next page will load with a graphic first – these can be used to check.
Symantec 2010 Windows 7 Migration EMEA Results. Methodology Applied Research performed survey 1,360 enterprises worldwide SMBs and enterprises Cross-industry.

Symantec 2010 Windows 7 Migration EMEA Results. Methodology Applied Research performed survey 1,360 enterprises worldwide SMBs and enterprises Cross-industry.
Repaso: Unidad 2 Lección 2

Repaso: Unidad 2 Lección 2
Variations of the Turing Machine

Variations of the Turing Machine
Copyright 1987-2009 1 Roger Clarke Xamax Consultancy, Canberra Visiting Professor – Cyberspace Law & Policy UNSW and at the ANU and the Uni. of.

Copyright Roger Clarke Xamax Consultancy, Canberra Visiting Professor – Cyberspace Law & Policy UNSW and at the ANU and the Uni. of.
Process Description and Control

Process Description and Control
AP STUDY SESSION 2.

AP STUDY SESSION 2.
1

1
Copyright 1988-2006 1 Digital Privacy Roger Clarke, Xamax Consultancy, Canberra Board Member, Australian Privacy Foundation Visiting Professor, Unis. of.

Copyright Digital Privacy Roger Clarke, Xamax Consultancy, Canberra Board Member, Australian Privacy Foundation Visiting Professor, Unis. of.
Copyright 2010 1 Roger Clarke, Xamax Consultancy, Canberra Visiting Professor in Computer Science, ANU and in Cyberspace Law & Policy, UNSW

Copyright Roger Clarke, Xamax Consultancy, Canberra Visiting Professor in Computer Science, ANU and in Cyberspace Law & Policy, UNSW
Copyright 2008-09 1 Roger Clarke Xamax Consultancy, Canberra Visiting Professor at ANU, UNSW, and the Uni. of Hong Kong Chair, Australian Privacy Foundation.

Copyright Roger Clarke Xamax Consultancy, Canberra Visiting Professor at ANU, UNSW, and the Uni. of Hong Kong Chair, Australian Privacy Foundation.
Select from the most commonly used minutes below.

Select from the most commonly used minutes below.
Copyright © 2003 Pearson Education, Inc. Slide 1 Computer Systems Organization & Architecture Chapters 8-12 John D. Carpinelli.

Copyright © 2003 Pearson Education, Inc. Slide 1 Computer Systems Organization & Architecture Chapters 8-12 John D. Carpinelli.
1 Copyright © 2013 Elsevier Inc. All rights reserved. Chapter 4 Computing Platforms.

1 Copyright © 2013 Elsevier Inc. All rights reserved. Chapter 4 Computing Platforms.
Processes and Operating Systems

Processes and Operating Systems
STATISTICS HYPOTHESES TEST (I)

STATISTICS HYPOTHESES TEST (I)
David Burdett May 11, 2004 Package Binding for WS CDL.

David Burdett May 11, 2004 Package Binding for WS CDL.
Key Telecom/ICT Indicators Esperanza C. Magpantay Market, Economics and Finance Unit Telecommunication Development Bureau 4 th World Telecommunication/ICT.

Key Telecom/ICT Indicators Esperanza C. Magpantay Market, Economics and Finance Unit Telecommunication Development Bureau 4 th World Telecommunication/ICT.
Joint ITU/ECA Regional Workshop on Information and Communication Technologies (ICT) Indicators Gaborone, Botswana 26-29 October 2004

Joint ITU/ECA Regional Workshop on Information and Communication Technologies (ICT) Indicators Gaborone, Botswana October 2004
Local Customization Chapter 2. Local Customization 2-2 Objectives Customization Considerations Types of Data Elements Location for Locally Defined Data.

Local Customization Chapter 2. Local Customization 2-2 Objectives Customization Considerations Types of Data Elements Location for Locally Defined Data.

Similar presentations

Ads by Google