Monday, December 27, 2010

Napolitano: Get used to invasive scans, pat-downs

Nevermind that more and more evidence is coming forth that the TSA body scanners don't work...because apparently, they're here to stay...



I'll have more on some of the recent revelations regarding just how useless and overpriced these machines are (in addition to being grossly invasive) in a future post.

In the meantime, here's the clip of the ABC News investigation cited by CNN reporter Candy Crowley to Janet Napolitano:

Tuesday, December 21, 2010

Is the Government Spying on You?

Watch this great Countdown segment with the Nation's Chris Hayes on the recent revelations regarding the massive FBI domestic spying program:

Visit msnbc.com for breaking news, world news, and news about the economy

Commerce Department Weighs in On Internet Privacy

I want to stay with the internet privacy issue for a bit more. Let's face it, the internet is where the vast majority of all future communication will take place, and information will be gathered and stored - yet it remains the wild west when it comes to privacy.

And, efforts are finally being made in Congress and in agencies like the FTC, and now the Commerce Department, to tackle this issue, and establish some semblance of privacy rights, and protections, on the net.

The other big story, one I'll get to tomorrow, is the revelations that the FBI is compiling massive databases filled with our personal information, whether you're a suspect or not.

But for today, let's get to the Commerce Department's announcement that they are close to endorsing new federal laws regulating companies' data collection practices and requiring that customers be notified of data breaches.

In an 88-page report (PDF), the department also suggested rewriting a 1986 privacy law to address "privacy protection in cloud computing and location-based services," but didn't offer any details. That broad approach is backed by tech companies including Google, Microsoft, AT&T, and eBay, but is likely to be opposed by the Justice Department.

In all, this a rather ho hum, thanks for finally joining the discussion type of report. Hell, in California, we have had a data breach notification law for seven years (one the Consumer Federation of California was active in supporting), and a pair of House of Representatives committees approved similar legislation back in 2006. No fewer than 46 states, plus the District of Columbia and Puerto Rico, have followed California's lead.

The Federal Trade Commission's 122-page report on these topics served up a generally similar set of recommendations, including that consumers should have "reasonable access to the data that companies maintain about them."

I don't know which agency will be taking the lead on this issue, but it will be important to watch them both being that privacy has become such a hot topic, be it the explosion of social networking sites, the personal data collection industry's rapid growth, and the behavioral advertising boom. In each case, these topics are now being debated in Congress (with industry trying to do everything in their power to ensure we have as little control over our data as possible), and the future of privacy on the internet itself could well be determined in the coming months and years.

While the reports, as I will explain, haven't been widely embraced by privacy advocates, they at least represent a slight break from the "free market fundamentalism" that has infected government for the past decade or more as it pertains to the net. Finally we have some federal agencies actually pushing for, and debating, new regulations targeting private companies and protecting consumer privacy.

With that said, these reports were not greeted with applause by privacy advocates. NetworkWorld reports:

The Commerce Department paper calls for an online privacy bill of rights and codes of conduct for Internet companies, with enforcement by the U.S. Federal Trade Commission. But several privacy groups questioned whether the codes of conduct would be effective because of the paper's suggestion that affected companies help write them.

The policy recommendations in the report are an "early Christmas gift to the data collection industry," said John Simpson, consumer advocate with Consumer Watchdog. Internet-based groups have been creating their own codes of conduct for years, and Web-based tracking and data collection continue to grow, said Susan Grant, director of consumer protection at the Consumer Federation of America. "The solution is not more self-regulation," she said. "That seems to be the main thrust of the Commerce Department report."


The report seems to give more attention to concerns of Web-based companies than to consumers, with little change in online data collection likely, other privacy advocates said. The report is "designed to marginalize consumers," said Jeffrey Chester, executive director of the Center for Digital Democracy.

...

Some of the privacy advocates suggested the report's recommendation for a privacy bill of rights may be helpful. The report may also help push Congress to act on privacy legislation next year, the Future of Privacy Forum said.

"The report is a sophisticated effort to advance consumer privacy without thwarting innovation," the group said in a statement. "Although it sets a framework that will influence legislation, it creates an alternate path for a mode of government initiated self-regulation, with advocates at the table and the FTC providing enforcement. If businesses respond by seriously engaging in efforts to advance fair information practices, the U.S. has the chance to take back the international privacy leadership role it once had."

In other words, as per usual the case when the issue is regulation of big business practices, the devil will be in the details. Will there be loopholes, and how big will they be? Will the focus be on "self regulation" or mandatory compliance? Will opt-in be the standard modus operandi, or will it be opt-out? These are the questions I'll be asking as I watch this debate unfold. Clearly, the odds are stacked against us...companies like Google, Facebook, and AT&T rank among the most powerful and well financed forces in the country.

Friday, December 17, 2010

Technological Innovation and Privacy

A common theme of this blog has been the trend of technology vastly outpacing privacy. We see this when it comes to social networking like Facebook and we certainly see it when it comes to behavioral tracking of our web usage, particularly in light of what has become a new, powerful, data collection industry.

The fact that we have next to no privacy standards as related to these technological innovations and trends has become an issue of interest of late, both among privacy groups (obviously), and now finally, the government itself.

Some of the key questions that remain unanswered is just what kind of control do we have over our own data? And, what kind of tools should be available for us to protect it? What about ownership of our data? Should we be compensated for the billions of dollars being made by corporations from their tracking of us? And of course, what of the government's access to this new world of data storage?

The argument by some, such as Time's person of the year Mark Zuckerberg, is that all information should be public, and as time goes on we'll only be sharing more of it. In addition, we all will benefit from this communal sharing of private information in ways yet to even be discovered. Already, from this sharing, we forge more online friendships and connections, old friends are reconnected, distant parents see pictures of their kids' day-to-day activities, jobs might be more easily found due to our profiles being more public, internet services improve as companies like Facebook and Google learn about peoples' Web browsing histories, sites are able to tailor content to the user, and so on, and so forth.

It is hard to argue that there aren't benefits to this new world of open access to information. But there are downsides too - downsides that warrant protections, and "dot rights" (ACLU's term).

As privacy advocates argue, shared information can also jeopardize personal safety, including identity theft. As laid out in a recent CNN article, "earlier this year, a widely publicized site called PleaseRobMe.com collected status updates from Twitter and Foursquare that indicated a person was away from home. That info, in theory, could help burglars figure out the best time to break into a person's house or apartment -- when no one's there. That happened to Beny Rubinstein last year when a hacker compromised his friend's Facebook page and falsely asked his Facebook friends for help. Rubinstein wired the hacker more than $1,100, thinking his real friend was in trouble in a foreign country.

There's also the issue of informed consent. Most internet users don't realize how much information they're giving up just by browsing the Web, nor do they know what is being done with that information.

Digital marketers like RapLeaf, for example, are getting better at sniffing through people's Web-browsing histories and online identities to compile user profiles that can be sold to advertisers. Finally, these kinds of targeted behavioral marketers are now being taken on in Congress and at the U.S. Federal Trade Commission, which, as I detailed last week on this blog, are calling for a "do not track" list for the internet, which would let users essentially opt out from all targeted marketing and tracking.

This leads to the issue of having the necessary tools available so internet users can have greater control over their web using habits, and increased protection from those that might seek to do them harm (or just so they can keep private information private!.

AS the CNN also points out, some of these tools exist already, but they falls short in some critical areas:

Users can opt out of tracking by certain marketers, clamp down access to their social networking sites and employ online pseudonyms as a way to keep some info relatively private. Privacy controls like these are widely used, especially by younger generations. A Pew Internet & American Life survey of people age 18 to 29 found more than 70 percent of them had changed the privacy settings on their social networking profiles. But these tools only go so far.

Virtually any information posted online can become public in an instant. An info-thief easily could take a screen grab of a private Facebook message and post it on a public blog. Private Twitter feeds -- viewable only by people who the author approves -- can be "retweeted," or re-posted, onto the public internet. And third-party Facebook apps have admitted to taking information from app users, against Facebook's rules, and selling that data to advertisers.

Privacy settings on sites like Facebook have become so confusing that some users feel they've lost control of their privacy, said Sherry Turkle, an MIT professor and author of the upcoming book, "Alone Together: Why We Expect More from Technology and Less from Each Other."

Internet users these days have a "sense of always being tracked and always being watched," she said. That leads to people censoring themselves and presenting a version of their life that is "kind of inauthentic" -- much like they're performing in a play they know everyone will see, she said. In the long term, these performance-based communications are dangerous for our personal relationships and for society, she said. They make us less human.
That last point, has particular resonance with me. What concerns me is what are the side effects of living in a society without privacy? Not just on the next, about our personal habits, but from the watchful eye of government, be it the knowledge that we could be wiretapped, that smart grid monitors are daily in home habits, that our emails can be intercepted, that our naked bodies must be viewed at airports, that our book purchases can be accessed (particularly if Google gets its way and everything goes electronic), that street corner cameras are watching our every move, that RFID tags allow for the tracking of clothes, cars, and phones...and the list goes on.

AS I said in a presentation to the CA PUC:

The endless accumulation of our personal data – combined with the outlandish profits being made off it and growing government demand for it – represents a direct assault on our right to privacy. We would do well to contemplate the steady erosion of this right and its long-term implications.

Corporations, by definition, care about profit, not reducing energy usage, and certainly not protecting privacy, just as governments, particularly federal, care more about access and control.

Evidence of this abounds: Social networking sites store and publicly share unprecedented private details about their users without telling them what they are doing with that information. A recent study found that the 43 leading sites made privacy control settings difficult to find and to understand; and the defaults were almost always set to allow maximum dispersal of data.

Google’s CEO, Steve Schmidt recently stated "If you have something that you don't want anyone to know, maybe you shouldn't be doing it in the first place."

As you let that sink in, he also said: "… the reality is that search engines including Google do retain this information for some time, and it's important, for example that we are all subject in the United States to the Patriot Act. It is possible that that information could be made available to the authorities."

The facts bear witness to Mr. Schmidt’s worldview, as one Google product after another – from Google Buzz to Google Books - has been a virtual privacy train wreck. The company’s refusal to make public how often information about their users is demanded by, or disclosed to the government, is all the more disconcerting.

Facebook reportedly receives up to 100 demands from the government each week for information about its users. AOL reportedly receives 1,000 demands a month. In 2006, a U.S. Attorney demanded book purchase records of 24,000 Amazon.com customers. Sprint recently disclosed that law enforcement made 8 million requests in 2008 alone for its customer’s cell phone GPS data for purposes of locational tracking.

It wasn’t long ago that the idea of our government wiretapping American citizens without warrants for purposes other than national security would have been revolting. Now its official Government policy – and the telecom companies that participated in these crimes have been given retroactive immunity while continuing to make billions off overcharging the same customers they betrayed.

Nor was it long ago that we would have been rightly outraged by Patriot Act provisions – recently renewed – that allow for broad warrants to be issued by a secretive court for any type of record, without the government having to declare that the information sought is connected to a terrorism investigation; or that allow a secret court to issue warrants for the electronic monitoring of a person for whatever reason — even without showing that the suspect is an agent of a foreign power or a terrorist; and of course, that allow the government to search your home as long as it doesn't tell you it did.

The trend line is all too clear. More concerning than any single threat posed by any single technology is this larger pattern indicating that privacy as both a right and an idea is under siege. As young people grow up with so much of their information so public and accessible to all, including government, I fear their sense, appreciation and understanding of privacy will continue to fade away. The consequences of such a loss would be profound.
So I would disagree a bit with Zuckerberg, I think people do care about privacy, particularly when they understand the inherent costs of giving it up. Today social networking and internet communications are ubiquitous tools. Opting out of using them would be like opting out of using a telephone - it won't happen, nor should people be expected to do so.

The key is establishing rules of the road with real protections and the tools needed to give consumers more control over their data.

With that, I want to provide a few clips from a New York Times article entitled "Technology Outpaces Privacy" that also delves into this critical topic:

HOW far does consumer privacy protection lag behind data-collection systems, those advanced technologies that media companies use to gather, share and profit from our personal information? Too far, according to two privacy advocates. On the one hand, consumers often benefit from newfangled gizmos — be they cameras, tape recorders or cellphones. On the other hand, the widespread adoption of technology has often left legislators and regulators racing to play catch up.
In a similar fashion, the F.T.C.’s report recommends that Internet and mobile app users receive better control over who sees, collects and shares information about their electronic behavior — like, say, the Web sites they peruse or the terms they plug into search engines. Indeed, the commission proposed a “do not track” mechanism that would allow consumers to opt out of “behavioral advertising,” the kind of marketing that tailors ads to a consumer’s personal track record.

Take the Video Privacy Protection Act, enacted by Congress in 1988, after a local newspaper in Washington obtained and published the video rental records of Robert Bork, a Supreme Court nominee. The so-called Bork law, one of the country’s strongest privacy statutes, prohibits the disclosure of personally identifiable rental information without consumer consent.

...

Indeed, over time Congress has increased privacy regulation in different industries, he says. There’s the Health Insurance Portability and Accountability Act, for one, that in 1996 established certain federal protections for personal health information. And the Gramm-Leach-Bliley Act of 1999, which required financial service companies to notify customers about their information policies and allow them to opt out from having their data shared with unaffiliated parties.

...

The trade commission’s report proposes new industry practices to enhance online privacy choices for consumers. For those to take effect, however, either the interactive advertising industry would have to increase self-regulation or Congress would have to enact a law enabling the commission to enforce new rules. But Christopher Soghoian, a privacy researcher and graduate student at Indiana University, says most Web sites don’t allow consumers to opt out of tracking. Companies “promise they won’t use the data they collect for the purpose of picking the individual ads they are showing you,” he says, “but they don’t actually offer to stop collecting data about you.”

...

Web sites often deposit cookies on consumers’ computers to track online preferences and activities. The F.T.C.’s recommendation for an opt-out mechanism would play on that idea with a privacy cookie, encoded in people’s browsers, that would alert advertising networks to users’ privacy choices. But a few smaller companies have already moved beyond cookies, Mr. Soghoian says, with a technique called “device fingerprinting.” That advanced technology can follow online behavior — not by using cookies but by tracking signals that are specific to a person’s individual laptop or mobile device.
Click here for the rest of the article.

For 5 recommendations on how to better protect your online privacy check this article out.

Friday, December 10, 2010

Airport Body Scanners: An Old Technology with Gaping Security Shortcomings

I'm not going to rehash all the reasons why these airport body scanners are wrongheaded. For that, check out my article published in the California Progress Report entitled "A Hobson's Holiday Travel Choice: Digital Strip Search or Get Groped."

For the purposes of today I just want to alert everybody to an article I found by Pam Marten's that was published on the excellent website Counterpunch entitled "Fears Mount on TSA Body Scanners".

Granted, I've written on this topic extensively, and have posted a myriad of articles on it too. I don't know if there's anything completely new in this piece, but it does a good job of compiling some important information, particularly relating to the inadequacy of the machines themselves in detecting what they're supposed to.

Also of interest in the piece is the testimony cited that exposes a variety of technical shortcomings, namely the age of this technology itself: 20 years!! Somehow this fact slipped by me over the months. I think this is important because one of the key talking points repeated, over and over, by machine proponents is that these somehow represent "cutting edge" technology that is critical in keeping us safe. Ha!

Here are a couple particularly enlightening clips from the article:

Now documents have emerged, on the government’s own web sites, raising questions as to whether the machines are little more than overpriced metal detectors with a “beam me up Scotty” futuristic design. A scientist associated with one of the body scanner manufacturers, Ronald J. Hughes, has submitted patent documents to the U.S. Patent and Trademark Office for various devices involved in airport screening of passengers to detect terrorist threats. In those documents, Mr. Hughes details serious failings of the x-ray body scanning equipment, including its lack of reliability to detect plastics or ceramics used in bomb making.

...

In a detailed report delivered to Congress on March 17, 2010, the U.S. Government Accountability Office (GAO) further revealed the limitations of the body scanner machines in use in U.S. airports, originally called “Whole Body Imager” but now rebranded as the more spiffy sounding Advanced Imaging Technology or AITs. The GAO stated in its report (GAO-10-484T): “The AIT produces an image of a passenger’s body that a screener interprets. The image identifies objects, or anomalies, on the outside of the physical body but does not reveal items beneath the surface of the skin, such as implants.” Hiding potentially dangerous objects in body cavities will not be detected by these machines, raising questions as to why our government is spending $170,000 each for the units at an increased staffing cost of $2.4 billion over the 7-year anticipated life of the machines according to the GAO. (Each machine costs $369,764 in staffing costs for operation annually.)

In another GAO report delivered to Congress in October 2009 (GAO-10-128), researchers found that “TSA has not assessed whether there are tactics that terrorists could use, such as the placement of explosives or weapons on specific places on their bodies, to increase the likelihood that the screening equipment would fail to detect the hidden weapons or explosives.” GAO went on to note in the same report: “TSA has relied on technologies in day-to-day airport operations that have not been demonstrated to meet their functional requirements in an operational environment. For example, TSA has substituted existing screening procedures with screening by the Whole Body Imager even though its performance has not yet been validated by testing in an operational environment… Furthermore, without retaining existing screening procedures until the effectiveness of future technologies has been validated, TSA officials cannot be sure that checkpoint security will be improved.” In a footnote to this passage, GAO notes that the specifics of what it’s talking about here has been classified by the TSA.

One of the individuals who has been widely quoted as disputing the effectiveness of the body scanners is Rafi Sela, an expert on Israeli airport security. Mr. Sela has over 30 years experience in security and defense technologies, was a special advisor to the Israeli security agencies for counter terrorism and is a Managing Partner in AR Challenges, a consulting firm for advanced security technology. According to the company’s web site, it has “participated in applied strategic design of the operations and security at the Ben Gurion airport [in Israel], which is now a standard for many other high security airports.”

I wanted to hear directly from Mr. Sela. These are his emailed remarks: “The whole security system used in North America is wrong. The body scanners are just one more obsolete technology that does not provide any more security…it can be circumvented not only in body cavities but in other ways that I do not want to share with the public. This has been a great lobbying-marketing effort on behalf of the manufacturers.” Between 2005 and 2009, Rapiscan spent $1,678,500 on lobbying, according to data compiled at the Center for Responsive Politics (OpenSecrets.org). Michael Chertoff, former head of the Department of Homeland Security, has been a paid consultant to Rapiscan. On January 26, 2010, Congresswoman Jane Harman wrote to Janet Napolitano, head of Homeland Security, noting that Rapiscan was a company in the Congresswoman’s district. She urged Ms. Napolitano to “expedite installation of scanning machines in key airports.” Congresswoman Harman closed with: “If you need additional funds, I am ready to help.”

Another security expert, Bruce Schneier, says what the TSA is increasingly looking for these days is pentaerythritol tetranitrate (PETN). Writing recently at The Atlantic, Mr. Schneier explains PETN is “the plastic explosive that both the Shoe Bomber and the Underwear Bomber attempted but failed to detonate…The problem is that no scanners or puffers can detect PETN; only swabs and dogs work.” (Puffers were the TSA’s last fiasco. Officially called Explosives Trace Portal or ETP, they puff air at the passenger in hopes of sniffing the air for traces of explosives. A highly critical GAO report found they were rolled out without proper testing.)

....

That this technology has been in existence for two decades and is just now being rolled out to airports deserves a few moments of equally intense probing. Under what societal norms would there be a market for routinely taking nude pictures of airline travelers via scientifically challenged skin radiation that reveal genitalia; with a necessary back up plan of hand inspections of the buttocks and genitalia for opt outs. This 20-year old technology could only be massively deployed because of a long line of images since 9/11 which has desensitized the American psyche to human rights through a bombardment of human degradations: the images of thumbs up torture at Abu Ghraib; the televised pictures of the hooded prisoners on their knees at Guantanamo or in monkey cages; the endless columns of typeset devoted to waterboarding, renditions, kidnappings and assassinations – all in the name of making us more secure.

...

Now serious financial damage is looming for the nation’s airlines with Zogby International reporting in a poll taken between November 19 and 22 that 61 per cent of the 2,032 individuals polled oppose the use of body scanners and pat downs. The use of the backscatter x-ray machines and the more aggressive pat down procedures will cause 48 percent of individuals to seek an alternative means of travel. In addition, 52 per cent of respondents think the new security procedures will not prevent terrorist activity, 48 per cent consider it a violation of privacy rights and 32 per cent consider it to be sexual harassment, according to the Zogby poll.

At ACLU.org, the nonprofit organization reports it has received 900 complaints and has posted over 38 graphic accounts that can only be described as sexual molestation. Brief examples include: “The TSA agent used her hands to feel under and between my breasts. She then rammed her hand up into my crotch until it jammed into my pubic bone.” “I cried throughout the groping and have had intrusive thoughts since. It was humiliating.” “The procedure was violating, degrading, invasive and humiliating.” “It was so rough that I felt the effects of it throughout the day.” “I do not feel safer. I feel violated.”

Is this any way to run an airline – or a democracy?

Click here to read the entire piece.

I will admit, I was a little surprised by the Zogby poll numbers she cited, and may need to go see them for myself. If accurate, this is very good news, and tells me that all the outcry, from the public and privacy advocates (as well as others), had an effect. The number I want to confirm is the 61% that now oppose the "body scanners and pat downs" claim. That would be one helluva turnaround being that it the reverse of that in the numbers I've seen.

There is however, more opposition to the pat downs than the scanners, so perhaps by bunching them together that led to the higher figure. AT any rate, this article only strengthens the argument I have been making here for over a year now: these machines need to go.

Tuesday, December 7, 2010

Behavioral Marketing and a "Do Not Track" List

The big news on the privacy front was last week's report released by the Federal Trade Commission (FTC) recommending, among other things, the establishment of a Do Not Track (DNT) mechanism. Not addressed in the report, a concern for some in the privacy community, was the privacy implications of cloud computing and social networking, the need for a US privacy agency, or a comprehensive federal privacy law based on "Fair Information Practices".

Nonetheless, the DNT option is an interesting concept - one that privacy advocates have supported in the past - and worth detailing here today. Before I get to specifics, I should define what kind of "tracking" we're talking about.

The Center for Digital Democracy defines behavioral marketing thusly:

Perhaps the most powerful - but largely invisible - force shaping our digital media reality is the role of interactive advertising and marketing. Much of our online experience, from websites to search engines to social networks, is being shaped to better serve advertisers. Increasingly, individuals are being electronically "shadowed" online, our actions and behaviors observed, collected, and analyzed so that we can be "micro-targeted." Now a $24 billion a year industry [2008 estimates] in the U.S., with expected dramatic growth to $80 billion or more by 2011, the goal of interactive marketing is to use the awesome power of new media to deeply engage you in what is being sold: whether it's a car, a vacation, a politician or a belief. An explosion of digital technologies, such as behavioral targeting and retargeting, "immersive" rich media, and virtual reality, are being utilized to drive the market goals of the largest brand advertisers and many others.

A major infrastructure has emerged to expand and promote the interests of this sector, including online advertising networks, digital marketing specialists, and trade lobbying groups.

The role which online marketing and advertising plays in shaping our new media world, including at the global level, will help determine what kind of society we will create.

  • Will online advertising evolve so that everyone's privacy is truly protected?
  • Will there be only a few gatekeepers determining what editorial content should be supported in order to better serve the interests of advertising, or will we see a vibrant commercial and non-commercial marketplace for news, information, and other content necessary for a civil society?
  • Who will hold the online advertising industry accountable to the public, making its decisions transparent and part of the policy debate?
  • Will the more harmful aspects of interactive marketing - such as threats to public health - be effectively addressed?
Back in April, privacy advocates filed a complaint with federal regulators against tracking and profiling practices used by Google, Yahoo, Microsoft and other Internet companies to auction off ads targeted at individual consumers in the fractions of a second before a Web page loads.

The complaint was filed by the Center for Digital Democracy, U.S. PIRG, and the World Privacy Forum, charging that a "massive and stealth data collection apparatus threatens user privacy," and asks regulators to compel companies to obtain express consent from consumers before serving up "behavioral" ads based on their online history.

Internet companies would be asked to acknowledge that the data they collect about a person's online movements through software "cookies" embedded in a Web browser allows advertisers to know details about them, even if those cookies don't have a person's name attached.

Privacy advocates have long argued that when enabled to protect their privacy and control their data. BUT, not if it’s made difficult, confusing, or time consuming. And this is why new rules, laws are so desperately needed for cyberspace...we need "systems" that will allow users to control their information in an easy, logical, and practical way.

And this leads to the need for a DNT mechanism on internet browsers. Essentially what the FTC is rightly arguing is that web users should be able to use a 'do not track' facility to block any use of their browsing habits for advertising purposes.

The feature, which the FTC said could be located within browsers, would prevent a person from being exposed to behavioural advertising and would function like 'do not call' lists of phone numbers.

FTC chairman Jon Leibowitz stated:

"Despite some good actors, self-regulation of privacy has not worked adequately and is not working adequately for American consumers. We deserve far better from the companies we entrust our data to, and industry, as a whole, must do better. So the FTC will take action against companies that cross the line with consumer data and violate consumers' privacy - especially when children and teens are involved. The FTC wants to help ensure that the growing, changing, thriving information marketplace is built on a framework that promotes privacy, transparency, business innovation and consumer choice. We believe that's what most Americans want as well....The Commission recommends a simple, easy to use choice mechanism for consumers to opt out of the collection of information about their Internet behavior for targeted ads. The most practical method would probably involve the placement of a persistent setting, similar to a cookie, on the consumer's browser signaling the consumer's choices about being tracked and receiving targeted ads."

This is a sensible component of a much larger web privacy strategy that will ideally put the individual in control, or ownership, of their own data. While I favor the opt-in versus over the opt-out method as a rule of thumb, certainly a visible DNT mechanism in browsers would be an acceptable piece of the internet "privacy puzzle".

As for the public reaction to this debate, I think its a no brainer. Who doesn't want more choice, and control? Of course, it's not quite like a phone call at dinner. People aren't being physically interrupted from something they're doing, but, again, it comes down to the consumers choice, one we do not currently have. Its also true that young people today are far more likely to want to, or be okay with, sharing personal information. However, studies show that when given the choice, they too care about privacy, and would more often than not choose that privacy if given the opportunity...they're just not going to work for it.

It also seems to me that this could benefit consumers in an additional way, because online marketers would have to find more substantive ways to coax web users into letting themselves be tracked. Thus, under DNT, consumers would likely get better or more free stuff for signing up.

I also liked what Susan Grant, the director of consumer protection at the Consumer Federation of America, had to say about why DNT is needed (in addition to much more comprehensive privacy legislation), stating,

"If someone were following you around in the physical world - tailing you and making note of everywhere you go, what you read, what you eat, who you see, what music you listen to, what you buy, what you watch - you might find this disturbing. On the Internet even if the tracker doesn't know your name, you are not anonymous."

She pointed to technology like so-called cookies and other persistent, digital identifiers that "are essentially personally identifying information."

Eric Newland of the Center for Democracy and Technology had some more critical points to add, writing:

While DNT is an intriguing idea, and one CDT has supported, it is not a silver bullet. If implemented, it would likely address, at best, just a portion of a larger problem. In its narrowest conception, DNT might give consumers an opportunity to state that they do not want data that has been collected about them to be used for the targeting of behavioral advertisements; enforceable rules would ensure that these expressions of consumer intent are respected.

But conceived in this way, DNT would leave consumers in the same, unfortunate position with regard to how their data – web browsing history, transaction data, contact information – is collected and how it is shared for purposes outside of behavioral advertising: with market research firms, data brokers, life insurance companies and the like. DNT further fails to address emerging challenges to online privacy: cloud computing, social networking, and the growth of the app economy. And DNT would certainly not address the collection and use of offline consumer data such as mortgage information, credit card information, DMV records, and other business records. DNT alone will not solve all of our privacy challenges.

Meanwhile, just unpacking the term “do not track” requires navigating a wide array of challenging questions. The very broad concept of DNT is appealing for consumers. But does DNT mean don’t collect user data, don’t use it for behavioral advertising specifically, or don’t use it for non-operational purposes generally? What are operational purposes? Should there be distinctions between first party collection and use and third party collection and use? What about sensitive information?

In fact, unpacking the term “do not track” requires grappling with the same questions that must be addressed before baseline consumer privacy legislation can be passed. It seems inefficient to slog through these questions in pursuit of a narrow answer to one particular privacy problem, when instead the process can be harnessed to reach consensus around baseline consumer privacy legislation.

In short, DNT is no replacement for baseline privacy legislation. While DNT-type mechanisms could function as useful privacy-enhancing technologies, we should not let a discussion about DNT distract us from a task that American businesses, the Department of Commerce, Congress, and consumers have all said is a priority: finally passing baseline privacy legislation.

The Electronic Frontier Foundation also added some important insights, stating:

...the biggest problem is not the targeted ads but the exhaustive records of peoples' reading and other online activities that are collected in order to facilitate that targeting.

The FTC report specifically endorses the idea of a standardized
"Do Not Track" mechanism that would allow individuals to restrict the flow of their personal data to advertisers. Do Not Track is a response to the fact that it is currently extremely impractical for consumers to defend themselves against the astonishing array of sophisticated tracking technologies that are easy to deploy and in widespread use. One of the strongest arguments for the technical feasibility of Do Not Track can be found in this interesting blog post.

Of course, behavioral advertising is not a new issue for the FTC. They issued proposed principles for industry self-regulation back in 2007. However, this self-regulatory approach has been widely criticized as ineffective -— leading to speculation that it is time for direct regulation of behavioral tracking.

...

The FTC's new privacy report is a promising development in the evolution of online consumer privacy. EFF looks forward to working with other organizations to address the issues raised by this report. The House Subcommittee on Commerce, Trade, and Consumer Protection will delve into the issue of Do Not Track more fully during a hearing scheduled for tomorrow, and we have high hopes that the conversation will be furthered by an upcoming Department of Commerce report.

With the publication of the privacy report, it seems that the FTC is ready to tackle some of the most challenging issues of online consumer privacy - including revolutionary approaches to defending personal privacy such as Do Not Track.

All in all I think there is some reason to be hopeful about the direction of the FTC, and supportive of the DNT concept. But, as with any issue this large, and this uncharted (i.e. privacy on the internet), there are going to be HUGE moneyed interests out to stifle progress in the name of the bottom line. This issue will be no different...as marketers will be lining up to stop anything that might slow their ability to make money off your private data.

I don't think its by accident that we are told by the same interests that profit off our information that privacy is dead, and people don't care about it anymore. Well, that's easy to say when you are the ones developing the complicated and difficult to find privacy settings consumers have to deal with.

My guess is if given the choice and opportunity to choose to not be tracked consumers will in droves. But, as pointed out in today's post, this is only one small component of the much larger effort underway to establish comprehensive internet privacy protections and data rights.

Stay tuned for that continuing fight.

Friday, December 3, 2010

TSA Manipulates Opt-Out Day Figures, Harvard Students Sue

Okay, this will be my last post on this topic for at least a little while, and I think this is a good place to leave it. Last post, in explaining why I wasn't that surprised the National Opt-Out Day wasn't a rousing "success" I mentioned a few key factors.

One, only a small percentage of passengers are actually asked to go through the digital strip search machines. Two, the vast majority of airports still aren't equipped with them. Three, when people are traveling on the holidays (or any time for that matter) its very difficult to get them to willingly delay their own trip...or be blamed for delaying others.

I also pointed out something else peculiar about the statistics that the TSA reported about that day. Based on government accounts, the numbers certainly were impressive. Only 1% opted out? Really? “Detroit: 25,000 passengers screened today, and 57 AIT opt-outs!"Amazing, right?

What they failed to mention is how many passengers actually were asked to go through the scanners, and how many of those opted-out. Yes, they reported the number of opt-outs at airports, but they've been contrasting that with the total number of those that flew. Also not reported is how many passengers flew over the holidays versus the past, and whether any decline might be due to people "opting out" of flying altogether.

But there appears to be even more to this data rigging story than that. It turns out, in addition to the above, the machines weren't labeled as "body scanners," nor were there any images posted by or on them showing what they do. In addition, when the TSA reports 99 percent of travelers consented to the body scanners that consent was neither verbal nor written (in other words, nobody will ask you if it's okay). That consent is presumed if you walk into the machine without objecting. So no "opt-out" choices were presented. In other words, to opt out, a traveler would have to realize he was being directed into a body scanner, understand that he had a choice, and stop and speak up to a TSA agent.

But THAT'S not even the whole story. As reported in Rawstory, the group Liberty Guard (libertarian organization) has filed a Freedom of Information Act request with the Transportation Security Administration to determine why many airport imaging scanners were reportedly shut down and roped off on November 24th, the day of a planned "opt out protest.

Eric Dolan writes:

But reports from travelers and local news sources suggest that at some of the busiest airports in the US the TSA backed down and resorted to using the old screening procedures, such as metal detectors and less-intrusive pat-downs.

"We'd like to know if we can expect a policy shift from the TSA or if they were merely attempting to shut down the public outcry regarding their search procedures," Joe Seehussen, President of Liberty Guard said.
"

...

The American Civil Liberties Union (ACLU) says it has received over 900 complaints from travelers over the last month who've been subjected to the new screening procedures.

Click here to read the story in its entirety.

Taking into account those factors, the fact that the National Opt-Out day didn't have the impact some believed it might isn't all that surprising - nor is it a blow to the effort to rein in our increasingly intrusive, wasteful, and absurd security state.

I'm under no illusion there is some national uproar about to take root. I'm also very concerned with the way in which this issue is being framed by a lot of right wing interests who seek to use it as a battering ram against public employees and the President. Similarly, I would hate to see this all lead to some privatization of security scheme.

Nonetheless, I would also take what you have heard from the TSA and the media regarding public opinion on this subject with a healthy dose of skepticism.

On that note, some Harvard students have taken it upon themselves to file a lawsuit seeking to rein in use of these full-body scans and pat-downs. The Boston Globe reports:

Two Harvard Law School students have sued the Transportation Security Administration, seeking to restrict the use of full-body scanners and pat-downs at airports and joining a growing number of lawsuits filed across the country that claim the screening procedures infringe on constitutional rights to privacy.

...

The students, Jeffrey Redfern and Anant Pradhan, are asking the court to ban the TSA from using the screening procedures without reasonable suspicion. Margaret Paget, a partner at the Boston law firm Sherin and Lodgen, said the Harvard students, who are representing themselves in the suit, have a valid claim and a chance of winning.

The suit is at least the sixth filed against the TSA since the agency put the enhanced screening procedures into widespread use following the so-called underwear bomber’s unsuccessful attempt to blow up a plane last Christmas with explosives hidden beneath his clothes. A suit filed in US District Court in Denver last week claimed the pat-downs were “disgusting, unconscionable, sexual in nature.’’ The Electronic Privacy Information Center, an advocacy group, described the scanners as the equivalent of a “digital strip search’’ in a suit filed in Washington in July.

I see the lawsuits as part of a genuine citizen rebellion against invasive and ineffective airport screening,’’ said John Verdi, senior counsel at the privacy information center. “These scanners fail every conceivable constitutional test. They are not narrowly targeted at individuals that the government suspects of wrongdoing. They are not the least invasive means. And they are not effective at achieving the government’s stated end, which is detecting powdered explosives.’’

Under TSA screening procedures, passengers selected for full-body scans can opt for a pat-down search instead. Redfern and Pradhan both chose the pat-down at Logan International Airport while traveling separately in November, according to their complaint. The search, which included “prodding and lifting of genitals and buttocks,’’ was so intrusive that, “if done non-consensually, would amount to sexual assault in most jurisdictions,’’ the complaint said.

In an interview with the Harvard Law Record, Pradhan said an agent put his fingers inside the waistband of his pants, lifted his buttocks, and felt his groin. “They’ll go all the way up until — well, they go all the way up,’’ he told the law school newspaper.

Click here to read more.

Now, in coming posts I want to get into some new privacy related topics, from Google books to "do not track" legislation and more.

Tuesday, November 30, 2010

The National Opt-Out Day, Media Coverage, and Next Steps

The extended holiday travel weekend is over and by all accounts the National Opt-Out day from airport body scanners had little to no impact. I can't say I'm all that surprised frankly.

One, we're talking about a small percentage of passengers (a couple % I believe) that are actually even confronted with the choice to be digitally strip searched or groped. In addition, the vast majority of airports aren't even equipped with the scanners yet. And finally, let's remember, when people are traveling on the holidays (or any time for that matter), its very difficult to get them to delay their trip...or be blamed for delaying others.

Taking into account those factors, the fact that the National Opt-Out day didn't have the impact some believed it might isn't all that surprising - nor is it a blow to the effort to rein in our increasingly intrusive, wasteful, and absurd security state.

Let me make one other important point on the whole topic of "what percentage of passengers chose to opt-out" front. Both the TSA and the media have been reporting grossly misleading data. Yes, they have reported the number of opt-outs at airports, but they've been contrasting that with the total number of those that flew.

What they fail to mention is how many passengers actually were forced to go through the scanners,
and how many of those opt-out. Also not reported is how many passengers flew over the holidays versus the past, and whether any decline might be due to people "opting out" of fling altogether. The truth, in other words, isn't always what it appears. Master statistician Nate Silver of the New York Times has the scoop on this peculiar "reporting".

The Media's Inadequate Job as Information Gatekeeper

I would like to say a few quick words about the media's role in all this. What became clear to me from studying and following stories from the mainstream corporate press on this topic is how little context they provided. For instance, one would think that the first issues to address when discussing whether an invasive and intrusive security measure is being debated is A. how serious is the threat against those being subjected to the measures, and B. how much safer do the measures actually make us, and C. how much does it cost and what could that money be spent on something more effective?

Of course, these critical issues weren't ever really discussed (at least not honestly or openly). I think the main reason for this is if they did it would call into question the entire rationale for the ever expanding and ever more wasteful, intrusive, and invasive national security state (from wiretapping to torture).

As I have written on this blog too many times to count, the chances of actually being killed in an airplane by a terrorist are nearly NON-EXISTENT ( See my recently published article on the California Progress Report that explains all of this in great detail). And two, these body scanners do not make us safer. In fact, many security experts argue they make us less so due to their exorbitant costs and the way in which they actually end up bunching up people as greater targets in the terminals themselves.

Instead, the media went to its "go to" method of storytelling: focus on the human interest component. So, sadly, what we heard was a variety of individual stories about their problems with the scanners and/or pat downs, or other individuals actual traumatic experiences with them (all of which is important of course). And then the media circled the wagons and went into its "framing" mode, at which time the story became the same in nearly every paper and on every television news segment (outside of Olbermann):

"Yes, some of the pat downs went too far, yes, for some the scanners are intrusive, BUT we live in a dangerous time that requires sacrifices, so we should all suck it up and do what's right for the country."


What a crock of shit! What about the actual threat from terrorism? What about the waste of money these machines represent? What about how ineffective they are? Or, what about looking into what actually CAUSES terrorism as a way to reduce its threat?

Addressing the Root Causes of Terrorism

One would think if we are to have an honest discussion about "how to make Americans safer", then we must first understand what causes terrorism? Of course, asking that question at all invites an answer that would threaten our security state's conventional wisdom. We know, for a fact, that the reasons there are in fact terrorists that mean to do us harm is American foreign policy.

So, if we are truly trying to reduce the threat of terrorism there are DEMONSTRABLY more effective ways than those currently being pursued. A few alternative tactics to consider: stop bombing and occupying Muslim nations, arming their enemies, torturing and indefinitely jailing their people, and supporting ruthless dictators in their countries.

While we're at it we should reinstate every gay Arabic translator (which we have a critical shortage of today) expelled from the military due to their sexual preference (in fact all gays that were expelled), and focus our attention on intelligence gathering rather than warmaking to catch the real extremists that want to do our country harm.

No one is denying that terrorism is a threat or seeking to justify their murderous crimes, but how does creating more of them make us safer? And instead of spending one more minute listening to the grumblings of a war criminal like Dick Cheney, let's heed the words of Martin Luther King Jr. instead: "We all have to be concerned about terrorism, but you will never end terrorism by terrorizing others."

Noam Chomsky had it right too when he said "Everybody's worried about stopping terrorism. Well, there's a really easy way: stop participating in it."

And if that's not enough, check out this list of airport security methods that WOULD make us safer, don't cost NEARLY as much, and don't include being groped or digitally strip searched.

Tom Engelhardt has a great piece on Trutout today on this very topic entitled The National Security State Cops a Feel. Here are a few key key passages:

We live, it seems, in a national security “homeland” of little angry bureaucrats who couldn’t be happier to define what “safety” means for you and big self-satisfied officials who can duck the application of those safety methods. Your government can now come up with any wacky solution to American “security” and you’ll pay the price. One guy brings a failed shoe bomb on an airplane, and you’re suddenly in your socks. Word has it that bombs can be mixed from liquids in airplane bathrooms, and there go your bottled drinks. A youthful idiot flies toward Detroit with an ill-constructed bomb in his underwear, and suddenly they’re taking naked scans of you or threatening to grope your junk.

Two bombs don’t go off in the cargo holds of two planes and all of a sudden sending things around the world threatens to become more problematic and expensive. Each time, the price of “safety” rises and some set of lucky corporations, along with the lobbyists and politicians that support them, get a windfall. In each case, the terror tactic (at least in the normal sense) failed; in each case, the already draconian standards for our security were ratcheted up, while yet more money was poured into new technology and human reinforcements, which may, in the end, cause more disruption than any successful terror attack.

Directly or indirectly, you pay for the screeners and scanners and a labyrinthine intelligence bureaucracy that officially wields an $80 billion budget, and all the lobbyists and shysters and pitchmen who accompany our burgeoning homeland-security complex. And by the way, no one’s the slightest bit nice about it either, which isn’t surprising since it’s a national security state we’re talking about, which means its mentality is punitive. It wants to lock you down, quietly and with full acquiescence if possible. Offer some trouble, though, or step out of line, and you'll be hit with a $10,000 fine or maybe put in cuffs. It’s all for your safety, and fortunately they have a set of the most inept terror plots in history to prove their point.

...

But here’s the thing: in our deluded state, Americans don’t tend to connect what we’re doing to others abroad and what we’re doing to ourselves at home. We refuse to see that the trillion or more dollars that continue to go into the Pentagon, the U.S. Intelligence Community, and the national security state yearly, as well as the stalemated or losing wars Washington insists on fighting in distant lands, have anything to do with the near collapse of the American economy, job-devastation at home, or any of the other disasters of our American age.

As a result, those porno-scanners and enhanced pat-downs are indignities without a cause -- except, of course, for those terrorists who keep launching their bizarre plots to take down our planes. And yet whatever inconvenience, embarrassment, or humiliation you suffer in an airport shouldn’t be thought of as something the terrorists have done to us. It’s what the American national security state that we’ve quietly accepted demands of its subjects, based on the idea that no degree of danger from a terrorist attack, however infinitesimal, is acceptable. (When it comes to genuine safety, anything close to that principle is absent from other aspects of American life where -- from eating to driving, to drinking, to working -- genuine danger exists and genuine damage is regularly done.)

We now live not just with all the usual fears that life has to offer, but in something like a United States of Fear.

So think of it as an irony that, when George W. Bush and his cronies decided to sally forth and smite the Greater Middle East, they exulted that they were finally “taking the gloves off.” And so they were: aggressive war, torture, abuse, secret imprisonment, souped-up surveillance, slaughter, drone wars, there was no end to it. When those gloves came off, other people suffered first. But wasn’t it predictable -- since unsuccessful wars have a nasty habit of coming home -- that, in the end, other things would come off, and sooner or later they would be on you: your hat, your shoes, your belt, your clothes, and of course, your job, your world?

And don’t for a second think that it’s going to end here. What happens when the first terrorist with a suppository bomb is found aboard one of our planes? After all, such weapons already exist. In the meantime, the imposition of more draconian safety and security methods is, of course, being considered for buses, trains, and boats. Can trucks, taxis, cars, and bikes be far behind? After all, once begun, there can, by definition, be no end to the search for perfect security.

Read the rest here.

So let's all take the media's coverage of this issue with a big grain of salt. Its not over by a long shot. These airport body scanners, and their myriad of problems, from potential health risks to images being stored and shared to exorbitant costs aren't going away; in fact, their numbers are expected to more than double in the coming months.

This issue is bigger than simply the human feeling of intrusion when submitting to the state. Its about what are we doing as a nation to cause ANYONE to want to commit terrorist acts? How do we address that threat at THAT ROOT level? What security tactics ACTUALLY make us safer? How do we protect privacy in this age of irrational fear? And what is the most effective use of our tax dollars at a time we face the worst economic recession since the great depression?

I again go to privacy and security expert Bruce Schneier who sums up this false dichotomy between privacy and security best:

"If you set up the false dichotomy, of course people will choose security over privacy -- especially if you scare them first. But it's still a false dichotomy. There is no security without privacy. And liberty requires both security and privacy. The famous quote attributed to Benjamin Franklin reads: "Those who would give up essential liberty to purchase a little temporary safety, deserve neither liberty nor safety." It's also true that those who would give up privacy for security are likely to end up with neither.”

Tuesday, November 23, 2010

Airport Body Scanners, Conflicts of Interest, and New Polling

While I do want to tackle some other privacy issues here I feel there's still more for me to do on this topic...because let's face it, the issue is hot right now. Before I get to a compilation by Alternet of the 5 worst passenger pat-down experiences to date as well as op-ed's by both Ralph Nader and Thom Hartmann on the subject, I'd like to make a larger point on the growing anger directed towards TSA agents themselves.

Namely, I want to separate myself - in no uncertain terms - from what has become a right wing effort to turn this issue into yet another vitriolic assault on Obama, public employees, and the government in general.

For one, these scanners were authorized by President Bush, not Obama (though clearly I wish the President will see the light and stop using them).

Second, in NO WAY do I want to play a part in the growing hostility being directed at individual TSA workers. The right wing has long been trying to demonize public employees, using disinformation and scare tactics to do so. The primary reason is public employees happen to be the last remaining bastion of union membership. So I want to be clear, that while there are obviously some TSA agents that are abusing their positions, the larger point is that its the POLICY that's the problem, not public employees.

Third, I don't support privatizing airport security - which is what this whole assault on government and public employees is really about. Let's face it, this is a perfect issue to use to reinforce the right wing frame that all government is bad. But I would ask do we really want more Blackwaters? Do we really want corporations seeking to profit off fear running airport security? Why would anyone think their policies would be any better? In fact, at least government is accountable, on some level, to voters. Corporations aren't. And god knows we've seen how poorly privatization of other commons has turned out.

Now, with that said, it should be no surprise that there continues to be a constant slew of stories (some exaggerated I might add) of passenger indignities resulting from these aggressive pat downs. For the complete stories go here. But briefly, those are:

1. TSA agent feels around inside woman's underwear
2. Man has to board plane covered in urine
3. Cancer survivor forced to remove prosthetic breast
4. Agents search half-naked 5-year-old child
5. Pants pulled off senior citizen on his anniversary

Growing Influence of the Security Technologies Industry

I am pleased that Michael Chertoff, Former Department of Homeland Security, and his connection to these scanners is finally getting more press attention. Here's the scoop, Chertoff is now head of the Chertoff Group, the lead cheerleader for the Full Body Scanner Lobby.

Ever since the Christmas Day Bomb Scare, he's been making the rounds championing these scanners as a way to detect hidden explosive devices. A few days after making these press rounds the Washington Post revealed that Chertoff represents Rapiscan - a manufacturer of these full body scanners. The problem of course was that Chertoff neglected to mention this fact to a scared shitless American public...even as he shilled for a machine that wouldn’t have stopped Abdulmutallab (underwear bomber) anyway.

Within days, Chertoff’s client received an astonishing $173 million to manufacture and install these machines in airports across the country, again, a
fact he wasn't making known in ANY of the interviews.

As Kate Hanni, founder of FlyersRights.org, which opposes the use of the scanners noted at the time, "Mr. Chertoff should not be allowed to abuse the trust the public has placed in him as a former public servant to privately gain from the sale of full-body scanners under the pretense that the scanners would have detected this particular type of explosive."

Rapiscan has already sold 150 full body scanners to the Transportation Security Administration (TSA), with a price tag of $25 million. By the way, the original orders for body scanners were made in 2005, during the Bush administration when Chertoff was still head of Homeland Security.

On that note, let me second what Thom Hartmann wrote today:

"As Benjamin Franklin famously wrote on February 17, 1775 in his notes to the Pennsylvania Assembly, "They who can give up essential liberty to obtain a little temporary safety, deserve neither liberty nor safety."

If we are serious about stopping Middle Eastern zealots from attacking us, instead of blowing up our own Fourth Amendment right to be secure in our persons, let's stop blowing up Middle Eastern countries. When the Obama administration pulls our troops out of Iraq and Afghanistan, and works hard to resolve the Israeli/Palestinian crisis, then I'll believe our government really cares about our safety.

Until then, it's just theatre - with a few millions in profit for Chertoff and his friends. Michael Chertoff? Come over here and bend over, please."

But back to the lobbying power and influence of this burgeoning industry. At the start of this year the Washington Examiner ran down a list of all the former Washington politicians and staff members who are now part of what it calls the "full-body scanner lobby". This included:
  • One manufacturer, according to the Cleveland Plain Dealer, is American Science & Engineering, Inc. AS&E has retained the K Street firm Wexler & Walker to lobby for "federal deployment of security technology by DHS and DOD." Individual lobbyists on this account include former TSA deputy administration Tom Blank, who also worked under House Speaker Newt Gingrich.
  • Chad Wolf -- former assistant administrator for policy at TSA, and a former aide to Kay Bailey Hutchison, R-Tex., a top Senate appropriator and the ranking Republican on the transportation committee -- is also lobbying on AS&E’s behalf.
  • Smiths Detection, another screening manufacturer, employs top transportation lobbying firm Van Scoyoc Associates, including Kevin Patrick Kelly, a former top staffer to Sen. Barbara Mikulski, D-Md., who sits on the Homeland Security Appropriations subcommittee. Smiths also retains former congresswoman Helen Delich Bentley, R-Md.
  • Former Sen. Al D’Amato, R-N.Y., represents L3 Systems, about which Bloomberg wrote today: "L-3 has ‘developed a more sophisticated system that could prevent smuggling of almost anything on the body,’ said Howard Rubel, an analyst at Jefferies & Co., who has a ‘hold’ rating on the stock."
James Ridgeway of Mother Jones makes an important point on this too, stating, "Airport security has always been compromised by corporate interests. When it comes to high-tech screening methods, the TSA has a dismal record of enriching private corporations with failed technologies, and there are signs that the latest miracle device may just bring more of the same."

And it doesn't stop there. The CEO of one of the two companies licensed to sell full body scanners to the TSA accompanied President Barack Obama to India earlier this month.

Clearly these connections are paying off as the number of scanners jumped from 40 at the start of this year to 373 installed at 68 airports across the USA as of last week,” reports USA today. “The TSA is scheduled to have deployed 500 scanners, which cost roughly $170,000 each, by Dec. 31, and a total of 1,000 by the end of 2011.

Understanding who's behind these machines and what their motives might be for promoting them is critical - because it strikes at the heart of our burgeoning surveillance state. Thanks to a great post by Robert Cruickshank today, I want to include two other insightful ways to view this whole "digital strip search" or "grope" issue.

Digby writes:
That's why this is security theater. We are chasing phantoms by pretending that if we stop people from carrying a bottle of shampoo on an airplane that we are safe. If you are so scared of terrorism that you're willing to throw logic out the window and subject yourself to ever more irrational safety procedures for no good reason, you'd better think twice about ever leaving your house. That, of course, is exactly the point of terrorism. And authoritarian police states.

And Melissa McEwan takes issue with the blithe dismissals of concerns about sexual assault at the hands of the TSA:

there are practical and valid objections being made by people with disabilities, parents of children with disabilities, and survivors of sexual violence....Those millions of people are not just potentially "inconvenienced." Being triggered does not mean feeling hassled or being annoyed or having your feelings hurt or getting upset. It means experiencing a physical and/or emotional response to a survived trauma, having a significantly mood-altering bout of anxiety. Someone who is triggered may experience anything from a brief moment of dizziness, to a shortness of breath and a racing pulse, to a full-blown panic attack.
With that, let's get to my featured article today by none other than consumer rights champion Ralph Nader. Nader writes:

The technology has already been challenged by recognized academic specialists on both safety and efficacy grounds. After six months of testing at four major airports, Italy is likely to drop these scanners, finding them ineffective and slow. The European Commission has also raised "several serious fundamental rights and health concerns" and recommends less-intrusive alternatives.

Back in the USA, the legal volleys have begun. Two weeks ago, the Electronic Privacy Information Center, a public interest research center, filed a lawsuit in federal court against the Department of Homeland Security. The suit alleges violations of the Fourth Amendment, the Privacy Act, the Religious Freedom Restoration Act, the Video Voyeurism Prevention Act and the Administrative Procedure Act (which calls for public hearings).

...

The department says full-body imaging is aimed at prevention. If so, why do passengers on the 15,000 U.S. registered business aircraft escape screening? Why, nine years after 9/11, is the department still way behind in the screening of air freight on passenger and cargo planes, where far more dangerous packages can bring down a plane?

For more than 40 years, public interest groups have been advocating for airline safety. After the numerous hijackings to Cuba in the late 1960s, we and air security experts pressed the Federal Aviation Administration to require airlines to strengthen cockpit doors and latches — to no avail. It took the 9/11 attacks before the FAA required the airlines to retrofit. Stonewalling, long a bureaucratic obsession in these areas, must end. A good start would be addressing these uncertainties:
  • Radiation: Homeland Security should respond when physics professor Peter Rez of Arizona State University calculates the radiation dose to be 10 times higher than the department is asserting. Or when David J. Brenner of Columbia University's Center for Radiological Research says that using these scanners — with up to 1 billion whole-body X-ray scans per year in the U.S. — "may profoundly change the potential public health consequences to the population."
  • Malfunctions. John Sedat, one of four scientists at the University of California-San Francisco who is questioning the department's technical assertions, said these machines could stall, giving passengers "severe burns if not worse." He points out that "software fails often."
...

One area in which I agree with Secretary Napolitano: Cooperation of the public is key to averting attacks. So it seems counterintuitive to antagonize the very people you're counting on to help you get the bad guys. Meantime, Homeland Security is turning TSA agents, who are at some radiation risk themselves, into government gropers without either suspicion or probable cause. People want security, but they do not like irrational, ineffective, invasive and hazardous over-reach.

DHS continually refuses to hold thorough public hearings or to answer reasoned technical, economic and other policy challenges to its practices. Congress must assert its authority to end what one TSA risk analyst has called its "culture of stupidity."

Click here to read the rest of the article
.

With that, let me point you to my article from last week published in the California Progress Report entitled "A Hobson's Holiday Travel Choice: Digital Strip Search or Get Groped?"

I should point out that we are starting to make some progress, as a new Washington Post poll shows that half the American public opposes the controversial enhanced pat-downs and that almost two thirds of Americans – down from 80 percent earlier this month - support the scanners.

For actions to take, as I point out in my piece, "You can sign Firedoglake’s petition to investigate the TSA, EPIC’s petition urging suspension of the use of these machines, and join the Facebook page “Stop Airport Strip Searches”. Then, on November 24th, if you do choose to fly, and don’t mind the delay or the pat down too much, Opt Out of using the scanners." And, the ACLU has joined the fray, sign their petition here.