State's Differ on Real ID

Even though the Department of Homeland Security (nothing Orwellian about that name!) announced the postponement of the REAL ID Act for a few more years, we're still seeing more and more state's voice opposition to the program. Unfortunately however, not all of them.

Maryland for instance, came out yesterday in support of the program, one of a growing number that are folding like lawn chairs to government demands. Why you ask? Well, it appears the driving force behind the turnaround is the issue of illegal immigration.

The Baltimore Sun Reports:

Bowing to federal pressure to crack down on undocumented immigrants, the O'Malley administration announced Tuesday that in two years it would begin requiring all driver's license applicants to present a birth certificate, passport or some other documentation to prove they are legal residents of the United States.

...

...state officials made it clear they were complying reluctantly. Speaking to reporters Tuesday, Gov. Martin O'Malley called REAL ID bad policy but said he had agreed to go along to prevent Maryland from becoming a magnet for those unable to get licenses elsewhere.

...

"Our citizens, quite frankly, are going to be shocked by what is going to be required, such as finding an original of a birth certificate," he said. Predicting "major degradations of service" at the MVA, he added: "If you wait until the day before your birthday to walk in and renew your license, you will not walk out with a new license."

Though Congress passed the REAL ID law in 2005, Maryland officials say they have been waiting to see exactly what would be required of states to prevent illegal immigrants from obtaining driver's licenses. Final regulations, 284 pages of them, were announced Friday.The law takes effect later this year, but it allows states to delay compliance until 2010. Maryland has already been granted that extension.

...

Cindy Boersma, legislative director for the American Civil Liberties Union of Maryland, called the administration's announcement "very disappointing." She noted that almost half the states have objected in some fashion to the requirements of the REAL ID law, which she contends could expose the public to increased risks of identity theft. The law requires states to maintain extensive databases of private information on all its residents, and to share that with other states' licensing agencies as well as the federal government, she said.

"There are signs that this mandate is in retreat," Boersma said, noting that bills have been introduced in Congress to repeal the law.

Click here to read the article in its entirety.

Montana on the other hand, is taking a diametrically opposite stance. Their Senator, Jon Tester, called the Act a "textbook Washington boondoggle", both chambers of the Montana state legislature voted against it, and Gov. Brian Schweitzer, after being asked whether Montana would comply said: "No, nope, no way, hell no." And the Great Falls Tribune wrote this scathing editorial yesterday lambasting "REAL ID":

The editorial begins by calling the Act an "unfunded mandate that infringes on citizen privacy and state sovereignty, with little guarantee of success."

And it continues:

Beginning in May, residents of states that refused to participate in REAL ID may have to undergo extra screenings to fly or visit a federal courtroom. Although states can file for an extension, Montana law may not allow it.

"What they're forcing is a showdown," said Scott Crichton with the Montana ACLU. "It's a states' rights confrontation really."

REAL ID would create federal standards for issuing driver's licenses, "something that has historically been within the rights of states to decide," said Matt Sundeen, with the National Conference of State Legislatures in Denver. What's more, states would have to pay for it.

...

Long term, the real trouble with REAL ID is its similarity to a national ID card. Although licenses will look different from state to state, they will be linked by a national database. That could create an unprecedented ability to track — and limit — people's movements, amounting to what critics call an "internal passport."

It also would create a target for identity thieves, say Tester and U.S. Sen. Max Baucus. Weighed against all those negatives, there's no guarantee that REAL ID will stop terrorists. Creating a foolproof, large-scale ID system is exceedingly difficult, experts say. And there's nothing to say a legitimate ID holder can't be a terrorist. The fight is not over.

Baucus and Tester are co-sponsors of the Identification Security Enhancement Act, a bipartisan bill that repeals REAL ID and gives states more flexibility in fighting terrorism.

Click here to read the article in its entirety.

So there you have it, a disappointing capitulation to DHS by Maryland, and a textbook defense of it's citizens right to privacy coming out of the state of Montana. Most importantly to know for all of us that believe the constitution trumps government proclamations and programs that they say will "protect us", is the fact that a bill has been presented that repeals Real ID once and for all. So everyone keep an eye on the Identification Security Enhancement Act, and when the time comes, all our legislators will need to hear from us.

Do we Really Want Big Brother Watching Us?

New technologies aimed at strengthening our national security pose an enormous threat to our privacy - and they don't protect us from the "evil doers" anyway!

Take for instance, the possible emergence of "Project Hostile Intent" - the United State's new and not so privacy friendly airport/border security system (still being developed). This system, a technology worthy of a creepy sci-fi movie, has raised the eyebrows of privacy protection advocates because it would collect a variety of personal information about travelers and provides all kinds of opportunities for abuse.

Computer World Reports:

The system interprets your gestures and facial expressions, analyzes your voice and virtually probes your body to determine your temperature, heart rate, respiration rate and other physiological characteristics -- all in an effort to determine whether you are trying to deceive.

Fail the test, and you'll be pulled aside for a more aggressive interrogation and searches.

Interest in the use of what some researchers call behavioral profiling (the DHS prefers the term "assessing culturally neutral behaviors") for deception detection intensified last July, when the department's human factors division asked researchers to develop technologies to support Project Hostile Intent, an initiative to build systems that automatically identify and analyze behavioral and physiological cues associated with deception.

That project is part of a broader initiative called the Future Attribute Screening Technologies Mobile Module, which seeks to create self-contained, automated screening systems that are portable and relatively easy to implement.

"It's a good idea fraught with difficulties," says Bruce Schneier, chief technology officer at security consultancy BT Counterpane in Santa Clara, Calif.

Even if Project Hostile Intent ultimately succeeds, it will not be a panacea for preventing terrorism, says Schneier. The risk can be reduced, but not eliminated, he says. "If we had perfect security in airports, terrorists would go bomb shopping malls," he says. "You'll never be secure by defending targets."

Assuming that the system gets off the ground, Project Hostile Intent also faces challenges from privacy advocates. Although the system would use remote sensors that are physically "noninvasive," and there are no plans to store the information, the amount of personal data that would be gathered concerns privacy advocates -- as does the possibility of false positives.

"We are not going to catch any terrorists, but a lot of innocent people, especially racial and ethnic minorities, are going to be trapped in a web of suspicion," says Barry Steinhardt, director of the Technology and Liberty Project at the American Civil Liberties Union in Washington.

Click here to read the article in its entirety.

Steinhardt also stated that we really shouldn't worry too much about this system, since they never work properly and are years from being put into use. Still, it is concerning that the government has poured hundreds of billions of dollars into the program since 9/11, all for a security system that barely works and would create serious ethical questions associated with it.

Advancements in technology - such as RFID and Project Hostile Intent - may serve certain purposes, but more than naught, represent the continuing expansion of Big Brother's ability to monitor and record nearly everything we do - all under the guise of keeping us safe. But who is keeping us safe from those doing the watching and recording?

REAL ID Act Postponed

Since it was passed in 2005, the Real ID Act has alarmed privacy groups, lawmakers, state politicians, and the travel industry, and for good reason. The law requires states to issue new licenses which are supposed to screen potential terrorists and identify illegal immigrants. However, the law carries with it grave privacy risks, not to mention it will be expensive for states to implement and it could potentially restrict summer travel.

An announcement on Friday regarding the time table for the implementation of the REAL ID Act by the Bush Administration presented some good and bad news for it's opponents.

Some Good News...

Washington Post Reports:

But they [critics of the bill] also welcomed yesterday's official announcement that states have until May 2011 before they need to begin issuing licenses that meet the department's new guidelines, and until December 2014 to begin replacing current licenses. Drivers over the age of 50 will not have to obtain new licenses until the end of 2017.

The deadline extensions give both Congress and future presidents time to reconsider what opponents have depicted as a national identification system that will infringe on privacy rights and leave room for large-scale identity theft.

Responding to Friday's announcement, the ACLU released this statement:

“In its new REAL ID regulations, the Department of Homeland Security appears to have dumped the problems of the statute on future presidents like a rotting corpse left on the steps of the next administration – and not just the next one, but the administration of whoever is president in 2018. By the time this thing is supposed to go fully into effect, Chelsea Clinton and Jenna Bush may be fighting for the White House.

That just confirms it: Real ID needs to be repealed. It is not only a threat to Americans’ privacy but it is utterly unworkable. After 3 ½ years of efforts to implement this law, the tortured remains of the statute that appear to survive in these regulations stand as stark evidence of that fact.

Click here to read the statement in its entirety.

Citing incidents of stolen government computers, Jim Lawing, an ACLU representative says requiring citizens to put all of their personal information in one database can be dangerous.

"It will create a whole new database that the government will be in charge of. The government has shown that it's not capable of protecting this kind of data."

Some Bad News...

The Washington Post:

At a news conference yesterday, Homeland Security Secretary Michael Chertoff said the guidelines represent a balance between security and privacy in accordance with the Real ID Act. He warned that residents in states such as Georgia and Washington, which have refused to comply with the program, may be subject to additional security checks or prevented from boarding flights once the program begins this spring.

Click here to read the article in its entirety.

Despite this threat from our own government, the ACLU claims it could not realistically prevent millions of travelers from these states who lack the REAL ID from boarding flights restrict summer travel.

Study: U.S. among world’s ‘endemic-surveillance societies’

I suppose if a "wake up call" was still needed in America regarding our dwindling privacy rights this would be it. I speak of the findings just released in the annual "Report on Surveillance Society" by the U.S.-based Electronic Privacy Information Center and the U.K.-based Privacy International, which has been doing the survey since 1997.

Unlike in the past, this year's report ranks 47 nations on the issue of privacy protection, and as one might expect, the United States fairs poorly, very poorly. Specifically, we rank near the bottom of the countries surveyed and were labeled an “endemic-surveillance society” with poor privacy protection and aggressive monitoring by both the pubic and private sectors.

In fact, the U.S. ranking deteriorated since 2006, going from poor to bad. The intention behind the report is clearly laid out by its authors:

"First, we hope to recognize countries in which privacy protection and respect for privacy is nurtured. This is done in the hope that others can learn from their example. Second we intend to identify countries in which governments and privacy regulators have failed to create a healthy privacy environment. The aim is not to humiliate the worst ranking nations, but to demonstrate that it is possible to maintain a healthy respect for privacy within a secure and fully functional democracy."

As reported in Government Computer News,

"The report identifies technology as one of the culprits in the worsening situation. “The privacy trends have been fueled by the emergence of a profitable surveillance industry dominated by global [information technlogy] companies and the creation of numerous international treaties that frequently operate outside of judicial or democratic processes.”

...

The United Kingdom was rated the worst country in Europe and also listed as an endemic-surveillance society. The ranking was produced by the U.S.-based Electronic Privacy Information Center and the U.K.-based Privacy International...The full report is a massive 1,100 pages with 6,000 footnotes, but a summary of findings is available.

Among the findings contributing to the national ranking were:

No explicit right to privacy in the U.S. Constitution and no comprehensive privacy law.

The Federal Trade Commission continues to give inadequate attention to privacy issues, although it issued self-regulating privacy guidelines on advertising in 2007.

Real-ID and biometric identification programs continue to expand without adequate oversight, research and funding structures.

Extensive data-sharing programs across the federal government and with the private sector.

Congress approved a presidential program of spying on foreign communications over U.S. networks and now is considering immunity for telephone companies that cooperated in illegal programs.

Wilton D. Alston of the New American sums up the report nicely, rightly connecting the dots between privacy and surveillance with liberty and freedom...as in increased surveillance and weakening privacy rights necessarily means a loss of liberty and freedom. This should have us all deeply concerned, and hopefully more vigilant:

At minimum the 2007 PI report confirms, in spades, previous reports suggesting that the U.S. was moving toward implementing a thorough surveillance state. Nevertheless, even with my background in researching and writing on the subject of privacy and surveillance, I was still taken aback to see the relative comparisons between the U.S., the UK, and everyone else. Even as I stated in my TNA surveillance cover story, that "the UK is now the world’s most watched country, having upwards of five million closed-circuit TV (CCTV) cameras keeping a watchful eye on the public, with the average citizen being caught on camera around 300 times per day," I was unprepared to see the stark comparisons.

...

And it is that possibility — that the health of democracy and freedom is directly linked to the pervasiveness of surveillance — that we must focus upon. As I noted in the TNA cover story, Americans currently seem to favor surveillance over privacy. "Security expert Bruce Schneier calls this effect, within the realm of surveillance psychology, the ‘availability heuristic.’ Most people would rather all their deepest secrets be posted on the Internet tomorrow than have a psychopathic serial killer escape capture today, assuming that’s the trade-off." That this is not the trade-off somehow gets lost in the shuffle.

This was confirmed for me recently via a Facebook survey that asked the question: "Is the U.S. safer since the war on terror began?" One of the respondents who said "yes" also noted, apparently as confirmatory evidence, that there had been no terrorist attacks since the USA PATRIOT Act was signed. To even the most juvenile student of statistics, this conclusion is flawed. If terrorist events only happen at a rate described by the number that have occurred on American soil, there is really no way to judge if the rate is lower or higher since 9/11. (No one ever said logic and statistics were the strong suits of Internet survey takers!)

More importantly, as Judge Andrew Napolitano recently explained in an excellent speech given in DC and recorded on Reason.TV, the point is not that we must give up our liberty to achieve security. That is an over-used and patently absurd false dichotomy. In most cases, it is those who seek to extend their own power that are the biggest threats to our safety, and most times, those are people we elected! History is full of examples of this, dating back to the Alien and Sedition Acts and proceeding, in megalomaniacal glory, up to the USA PATRIOT Act.

Click here to read his analysis in its entirety.

More trouble for Sears...

Just when we thought things couldn't get worse for Sears, the retailer is facing increasing scrutiny from privacy advocatesa as well as a new law suit.

The Register Reports:

On Friday, a Sears customer filed a suit in Illinois state court alleging the retailer's Managemyhome.com (http://www.managemyhome.com/) website is "fatally flawed and was designed in such a way as to significantly compromise the private information of its customers." The complaint, which requests class-action status, seeks a court order requiring customer data be secured on the site and an award for damages.

...

The complaint was filed on behalf of Christine Desantis, a customer whose details about 10 purchases made over eight years was made available to anyone savvy enough to exploit the bug. She doesn't know if anyone actually accessed the information.

...

"At the most simple level, anyone can now access Sears's customers private purchase history, meaning that a nosy person can find out how much his neighbor spent on a new washing machine or lawnmower," the complaint alleges. "More problematically, marketing companies can mine the Managemyhome website for data about Sears customers, in order to transmit detailed advertisements for additional products and/or warranties."

The complaint, filed by KamberEdelson, seeks class-action status, $5 million in damages, including attorney's fees. KamberEdelson (a New York based law firm) has been successful in pursuing Sony BMG Music Entertainment after they shipped millions of CDs containing Spyware to their customers. The firm has indicated that they are seeking plaintiffs for a second class-action suit against Sears for having secretly installed ComScore's Web-tracking software on PCs from some Sears' online customers.

Presently, Sears has disabled its site's feature that allows a user to look up the purchase history of any customer, but it is unclear whether the retailer will restore the feature once the controversy has blown over.

Click here to read the article in its entirety.

Sears.com and Kmart.com Disregard Customer Privacy

Only a couple weeks after facebook was scrutinized for tracking user's online activity through its Beacon application and then posting it on the site for the world to see, it now turns out that Sears.com and Kmart.com have been tracking their users online habits and reporting them to online marketers.

Ars Technica (Boston) reports:

The story goes like this: late last year, Sears.com and Kmart.com began asking sers if they wanted to participate in a "community" online (presumably a community made up of Sears and Kmart aficionados). In late December, security researcher Benjamin Googins at Computer Associates noticed, however, that the "community" actually installed software from comScore, a market research firm, in order to track the web activities of the sites' visitors

...

Googins stated on his company's blog that Sears had installed spyware which transmitted everything-"including banking logins, email, and all other forms of Internet usage"-to comScore for analysis. This was all allegedly done with no notice that anything was being installed, and it ran contrary to documentation about the community that said any data collected would stay within Sears' hands at all times.

But wait, there's more! In an update to his original post, Googins noted that Sears actually offers a slightly different privacy policy-via the same URL-to compromised computers versus those that have yet to install the software.

"If you access that URL with a machine compromised by the Sears proxy software, you will get the policy with direct language (like 'monitors all Internet behavior'). If you access the policy using an uncompromised system, you will get the toned-down version (like 'provide superior service')," he wrote.

Click here to read the text in its entirety.

Computer World interviews one consumer who expresses his surprise with Sear's actions:

"It's pretty amazing that in 2008 a major corporation such as Sears can show such blatant disregard for the privacy of its customers. It definitely will make me think twice before ordering from them again," said Doug Fuller, an Oakland, Calif., Realtor. "It's not like it is some rinky-dink company. This is a major corporation. And with all the identity theft going on, this is the best they can do?" he said via instant message.

No company should have the right to collect, document and distribute our personal online habits to marketers without our knowledge and we certainly don't expect trusted companies like Sears and Kmart to engage in this type of activity. Unfortunately, this proves that consumers must be wary of every online site due to the internet marketing frenzy that has taken over the internet.

Click here to read the text in its entirety.

Big Brother gets bigger, says global privacy study

Apparently the United States isn't the only country in the world experiencing an all out assault on the individuals right to privacy (though we are one of the most egregious offenders). According to a new international privacy report "governments around the world are increasingly invading the privacy of citizens with surveillance, identification systems, and archiving of private data."

This study should serve as a wake up call to everyone who believes in liberty and is concerned about the anti-democratic expansion of the government's authority and ability to monitor nearly everything we do.

CNET reports:

There was also an increase in the trend of governments archiving data on the geographic, communications, and financial records of citizens, as well as enacting legislation intended to increase the reach into individuals' private lives, the report found.

...

Specifically, governments have implemented or proposed use of fingerprint and iris-scanning biometrics, real-time tracking and monitoring through communications channels, geographic vehicle and mobile phone tracing, national DNA databases, global information-sharing agreements, and the elimination of anonymity in cyberspace.

...

In terms of statutory protections and privacy enforcement, the United States is the worst country in the "democratic world" and is outranked by both India and the Philippines on overall privacy protection. The U.S. has fallen into the "black" category reserved for countries with "endemic surveillance."

It almost goes without saying that the driving force behind this global assault on privacy are the publics fear - constantly stoked by elected leaders - of illegal immigrants and the threat of terrorism. The real question we must ask is just how real these "threats" are, and, how much safer does these kinds of government techniques really make us? In other words, is it really worth giving up our freedom and privacy just to be arguably a little safer? Of course not...

For the full story click here, and to view the full report click here.