Surveillance – a fair exchange of freedom and privacy for security?
Globalization culminates in the cities of the world, where conflicts are closer than anywhere else. In old times, a city and its residents could count on the defense of the town wall. Today, most of these walls are gone and country borders appear to be more transparent than ever. Today, most threats come from the homeland rather than the outside of a country. Security cameras are installed on every other building in order to observe countless entrance areas, streets, sidewalks or entire plazas. It’s not uncommon to observe up to twenty surveillance cameras on one single building.
Additional security measures were introduced in America following the 9/11 attacks, however many measures were already being implemented prior to it. The attacks simply intensified proceedings and led to the increasing interest of authorities and major companies in (national) security. Advocates of total surveillance finally obtained the endorsement they’d been longing for over the years.
Let’s take a look at Europe
London, next to New York and Hong Kong, is the center of the global financial industry – a power plant for financial flows – a population of 12 million – 300 languages – diversified ethnicities and cultures. As the prototype of an interconnected global metropolis and a laboratory for security, it’s not hard to believe that local police and authorities supervise more than 10,000 surveillance cameras. If you add in the more than 80,000 surveillance cameras owned by the traffic authority Transport for London and a countless number of private operators, you’ll have no problem counting over half a million active surveillance cameras. These digital eyes and ears create an almost perfect visual parallel of the city. Did you know that the London financial district is guarded by the so called Ring of Steel, a security and surveillance perimeter of ten kilometers?
Fortress Urbanism is a term used to summarize measures that force drivers to slow down on their way into the inner city: Roads entering the city become significantly narrower and are peppered with small chicanes; ponds that look innocuous on a city map turn out to be an anti-tank defense; trees in the middle of the road are flanked by barriers made of steel and adorned with surveillance cameras. License plates are automatically registered and analyzed and drivers behind the wheel are being recorded on camera at all times. This system isn’t new, but has been developing continuously over the last two decades. The resulting modern protective barrier is strikingly reminiscent of the old town walls of Roman times.
Unfortunately, many people no longer consider how many traces they leave behind, or simply disregard the fact that they are subject to 24/7 surveillance. Some even welcome this development. While it should be emphasized that we don’t have a “Big Brother” police state yet, with the ability to collect data from all kinds of resources automatically, we are already fast on track to becoming one. These huge amounts of data and pictures are not necessarily collected in a central location but rather they are spread over the world, meaning instead of one “Big Brother” we already have multiple “Little Brothers”.
Clearly, everyday life in a metropolis demands intensive electronic management, so it’s no surprise that we find surveillance cameras in cabs, public transport, tollbooths or simply for traffic control, even far beyond the “Ring of Steel”. But the important questions are: Who is in control of this massive amount of data? Who is in charge of the routes of these data streams? Is our freedom at stake by the constant registering of our everyday movements, all day long, every day? Is the security architecture of airports the new prototype for the cities of the future?
How irrelevant data becomes relevant
These days, many cities in the Western World in particular, are controlled by computer systems. Everything we do leaves traces of digital data behind. Just think about the GPS on your smart phone that discloses your location, or your credit card that can be used to evaluate your shopping behavior. Add biometric scanners or electronic access control points and you’ll be able to track down a person at any time and generate a digital copy of their lives in a database, in a heartbeat. Many people associate surveillance exclusively with police and security services. The fact that big platforms such as Google, Microsoft and Walmart relentlessly collect data for their personal advantage, is all too often completely forgotten.
The term Data Mining describes the process of extracting something of value from a mountain of allegedly irrelevant data. Sophisticated software scours global data streams based on specific criteria and creates market-driven datasets according to the needs of interested parties. The more specific information is contained about a person, the more valuable the dataset is. The findings in a Swiss study “How Google decides what we see” demonstrate how Google analyzes datasets in order to present ‘personalized’ search results and recommendations. They try to divide individuals into different groups and customize the search results for each and every one of these groups. Unknowingly, users see the world according to these pre-defined groups and criteria set by Google, “to give you exactly the information you want right when you want it”. Increasingly, we may no longer see the same search results as a colleague sitting right next to us who performs an identical search request. So, if you are searching for holiday offers using Google, your results and those of another person may be quite different. Users are silently and unobtrusively being stripped of the freedom to decide for themselves anymore.
Behavioral analysis in everyday policing
Grid surveillance operates on a similar level. By feeding computers with the necessary data about a person, it is possible to deduce potential criminal behaviors from certain characteristics and raise a flag if a certain threshold value is exceeded. (The behavior blocker of Emsisoft Anti-Malware relies on the same principles, by the way). The issue with grid surveillance is that this data collection occurs even if a person is not under suspicion at the time, which conflicts with the presumption of innocence. Following the timeline of Edward Snowden, it is no longer a secret that the NSA willingly intercepts and evaluates the communications of every citizen.
“Estimated to be one of the largest U.S. intelligence agencies in terms of personnel and budget, the NSA is primarily tasked with collecting and analyzing information and data of foreign intelligence and counterintelligence value…“, “NSA is reported to use its computing capability to analyze ‘transactional’ data that it regularly acquires from other government agencies, which gather it under their own jurisdictional authorities.” (Wikipedia)
How modern technology facilitates surveillance on a global scale
In the late 90s it came to light that the US, in collaboration with Great Britain, Canada, Australia and New Zealand, had been tapping in extensively to telephone conversations and other communications during the 60s. Following the 9/11 attacks the U.S. government adjusted federal law, giving law enforcement agencies sweeping search and surveillance powers over US citizens. US network providers were forced to cooperate with the NSA, who by that time, was already able to listen in on every phone conversation and collect data streams by tapping international fiber optic backbones.
The joint performance of so called super computers, using thousands of “off the shelf” processors in parallel, enables the collection and interpretation of Yottabytes (1 000 000 000 000 000 000 000 000 Bytes) of data with ease. By tapping native data streams directly at fiber optic backbones, all necessary data for extracting unencrypted mails, search engine data or chat messages is available in real-time. With that premise, it is possible to tap overseas fiber optic cables and access and analyze all data coming out of or into a particular country. Rather complicated algorithms sort through that huge amount of data and help with the acquisition of viable information. According to Edward Snowden, the NSA has already tapped over 100 important interfaces worldwide .
Why is this important for Europe or Germany?
Through the cooperation of Britain’s intelligence service Government Communications Headquarters (GCHQ), the NSA has access to the transatlantic telephone cable 14 (TAT-14), one of the most used transatlantic data pipelines to Europe, the Middle East and back. Once intercepted, regular data is stored for three days, and call detail records for up to 30 days. Similar listening devices are installed along important data highways in Western and Southern Germany. Even if only call detail records were being intercepted, it is still possible to extract who was accessing what Internet site for how long, or who has contacted whom and when. Accessing real-time data from Facebook, Google, Yahoo, Microsoft or Apple would require a warrant. Nonetheless, the NSA is capable of starting a live-cast of personal data as soon as one of the algorithms they have in place raises an alarm.
How can we protect our data? Are there any simple but effective methods?
Find out more in the next issue of our Knowledgebase article about data security!
Have a nice (malware-free) day!
Your Emsisoft TeamEmsisoft Anti-Malware excels at VB100 June 2013