Smart meters – maybe not so smart

You may already have read about ‘smart metering technology’ being installed in all homes across the UK from 2014 onwards, with every home expected to have smart metering installed by 2019. This might slip if funding is not readily available, but that seems to be the current timescale.

Smart metering allows two-way information exchange between energy users and suppliers, providing real-time (almost) information about supply and demand at the individual user level, allowing the level of that supply and demand to be accurately determined on a moment-to-moment basis. According to the Government, smart metering will slash unnecessary energy use, reduce emissions, and cut consumers’ energy bills.

But. it seems there’s a problem, and nobody’s telling us about it.

Researchers have found that the meters can monitor users’ consumption at intervals of only 2 seconds, which is far too frequent for their intended purpose.

Worse, this rapid high-resolution sampling makes it possible to analyse the consumption and identify what equipment is being used in the users’ home – and this can lead to an invasion of privacy as it reveals people’s habits, preferences, and even whether or not the home is occupied. I found the explanation of this (and the weakness which was used to exploit it) particularly interesting, since a similar discussion I took part in about five years ago concluded that this could not be done. However, technology and analytical techniques have moved on, and I have to say I am impressed with what can be done  now, and the level of detail that a ‘simple’ consumption monitoring exercise can provide.

It has to be said that a simple change to the metering could also defeat quite a lot of this – if the manufacturers were to incorporate such a thing, which would degrade the operation of the device (without affecting its claimed purpose), so I doubt they will.

They also found they could send false detail to the supplier – in other words, users could falsify their consumption.

Particularly worrying was their finding that all security techniques which were supposed to be in place were not, or could be easily circumvented – and the data being sent to and from the smart meter was not encrypted, so anyone with reasonable skills could intercept it.

We currently lack any robust privacy and data requirements in the UK for this technology.

Professor in security engineering at the University of Cambridge Computer Laboratory (Ross Anderson) has said that the Government’s smart meter plans are “set to become another public sector IT disaster”.

Technically, it does not take the greatest leap in imagination to see how such insecure devices could become a disaster  if hackers were able to break into a ‘head-end’ hub where smart metering data may be collated, and from where they could cut the supply of energy across  millions of households. Deploying these meter across the World – once developed, the same technology is mass-produced, and standardised – would see hundreds of millions of the devices installed in Europe (and North America apparently) with each having a remotely controlled ‘Off switch’, remote software updating, each becomes a rather alarming point of vulnerability in every home.

Anderson and Fuloria’s paper on the vulnerabilities of smart meter technology (6-page / 119KB PDF)

There is also a video presentation (but it’s hard going, as the guys are not used to speaking in public, but the slides speak for them):

January 8, 2012 Posted by Apollo | Civilian, Surveillance | energy, hacking, metering technology, monitoring, security, smart meter | 1 Comment

Section 43 of the Terrorism Act 2000 arrives in Scotland (MAYBE!!!)

(I originally picked up on this story because I had noted a number of previous accounts which had largely taken place down south, or were local and seemed ridiculous.

This story seems to be developing the smell of bull, with so many accusations of persecution and victimisation of the man concerned, and his own highlighting of past mental problems – and adding that as yet another issue for which he is being victimised, that I have serious concerns about the original claims.)

When I was a little more active in photography in places where, shall we say ‘care’ had to be taken, I started to pay attention to cases involving the use of Sections 43 and 44 of the Terrorism Act 2000. Although neither section refers in any way to any aspect of photography, their wording is sufficiently general that almost anything can be construed to be covered by the act.

Section 43 refers to the search of persons, and begins:

(1) A constable may stop and search a person whom he reasonably suspects to be a terrorist to discover whether he has in his possession anything which may constitute evidence that he is a terrorist.

Section 44 refers to the relevant Authorisations, stating where and when a constable in uniform may stop and search a vehicle or person.

The Act may be viewed online here:

Terrorism Act 2000

Father allegedly questioned under Terrorism Act after taking photographs of his own daughter in Braehead Shopping Centre

A story has been reported regarding the case of a father who photographed his four-year old daughter in the Braehead Shopping Centre near Glasgow.

After taking two photographs of his daughter enjoying an ice-cream treat on Friday afternoon (which he said were specifically framed to avoid including anyone else in their view), he has claimed that a security guard approached him, asked him to delete the photographs, and said they were ‘illegal’. However, as the images had been taken using a mobile phone, and been posted on Facebook, this was pointless.

At this point, the guard told him to “Remain right there” while he called the police, which the father chose to do.

He was subsequently questioned by two uniformed police officers who informed him there had been a complaint about his photography, and that the Braehead centre had “Clear signs” which stated that photography was forbidden.

He went on to state that he felt intimidated by the officers throughout the interview, and that when he tried to calm his daughter, who had been reduced to tears, one of the officers intervened, stating that he was not listening to him.

He says he was also told that under the terms of the Terrorism Act 2000 the police could confiscate his mobile phone and delete the images, but that in this occasion would not do so – provided he supplied his full details.

Since the incident, the father has lodged complaints with both Braehead Shopping Centre and Strathclyde Police.

STV Glasgow and West has published their initial response:

Superintendent George Nedley of Renfrewshire and Inverclyde Division said: “I can confirm that police were asked to speak to this gentleman by security staff at Braehead on Friday October 7.

“My officers attended and gave advice and no further action was taken by the police officers.

“I can confirm we have received a complaint regarding this incident and one of my senior officers has spoken to Mr White regarding this. As a result a full review of the circumstances surrounding the incident and the allegations made is under way.”

A spokesman for Braehead said: “Staff at an ice cream stall in Braehead became suspicious and alerted a member of the centre’s security staff after they saw a male shopper taking photographs at their counter.

“The member of security staff approached the man and politely asked if he had been taking photographs. Because of the nature of the incident, police became involved and also spoke to the man.

“Our priority is always to maintain a safe and enjoyable environment for all of our shoppers and retailers. The member of our security staff acted in good faith.

“We have a ‘no photography’ policy in the centre to protect the privacy of staff and shoppers and to have a legitimate opportunity to challenge suspicious behaviour if required. However, it is not our intention to – and we do not – stop innocent family members taking pictures.”

Shopping centre guard calls police over father taking ‘illegal’ photographs of his daughter | Glasgow and West | STV News.

Comment

I don’t really want to comment on the circumstance around the incident itself (and I was not there in any case), as there may be further reports to come, for example, a review by the police is mentioned.

However, I do think it is worth pointing out that the response made by Braehead seems to fall into the category of “Making it up as we go along”. Specifically, if they really do have a ‘no photography’ policy in the centre, then they cannot state that it is not their intention to “stop innocent family members taking pictures.”

This is inconsistent, and simply does not make any sense.

Clearly, if this was not little more than a lie, then the centre’s own security would have seen that the father had only taken two pictures of his own daughter alone, which would appear to meet their own basic requirement of “innocent family members taking pictures”, and the matter of the police being called would simply never have arisen.

You can also search this Blog to find some recent articles on this subject in relation to abuse of photographers by the police, including numbers of incidents as revealed by a Freedom of Information request: Stop and Search under the Terrorism Act 2000.

There is also an article which covers a statement issued by the police stating that they had listened to criticisms of heavy-handedness with regard to the treatment photographers under this Act, and that procedures were being modified accordingly: Section 44 abuse of photographers continues despite warnings to police.

Maybe that memo still has to be issued north of the border.

Follow-up controversy and dispute

When I first posted on this report, I didn’t like the ‘smell’ of the story – something didn’t quite gel, or sound ‘right’, although I couldn’t put my finger on it from the available information in the media.

Accordingly, I wrote relatively carefully, and avoided endorsing it, so was careful to use words like ‘allegedly’ liberally, and added an initial comment distancing even this from the circumstances of the incident, and referred to my past notes regarding Section 43/44 and the wider issues previously covered largely down south.

Unfortunately, it seems my nasal radar was not mistaken, and the warning signs detected in the initial story have proven correct.

While it appears that the part played by Braehead is honourably concluded, and they have not apologised to the father for the incident, but gone on to change and clarify their policy on photography to make it clear that families can take photographs not only in Braehead, but in other centres owned by the group.

However, there is now an acrimonious dispute between the father and the police, with the father insisting he was interviewed with regard to photography and terrorism, while the police have issued a statement denying that this was the case, and that officers were called to speak to him about another issue.

Unlike those who have rallied around the father in response to the publicity he has sought online, I am not prepared to accept his account without question. Nor am I prepared to go with the ‘all police are liars’ brigade.

Rather, since I started this post, I will post links to the stories as the appear in the media, and hope they reach a conclusion, which I will accept in either party’s favour…

Strathclyde Police - Statement re incident at Braehead, 7 October 2011

Shopping centre guard calls police over father taking ‘illegal’ photographs of his daughter | Glasgow and West | STV News October 10, 2011

Braehead apologises to father at centre of ice-cream storm | Glasgow and West | STV NewsOctober 10, 2011

BBC News – Father’s anti-terror row over photoOctober 10, 2011

BBC News – Row over photo in shopping centreOctober 10, 2011

BBC News – Braehead centre issues apology over photo rowOctober 19, 2011

BBC News – Braehead shopping centre owner changes UK photographs policyOctober 11, 2011

BBC News – Police hit back at Braehead photo row dad Chris WhiteOctober 13, 2011

Police say Braehead photo row father complaint ‘has no basis’ | Glasgow and West | STV NewsOctober 13, 2011

Express.co.uk – Home of the Daily and Sunday Express | UK News :: Photo row father to sue policeOctober 14, 2011

Shopping trip father denies being drunk – Herald Scotland | News | Home NewsOctober 15, 2011

October 9, 2011 Posted by Apollo | Civilian, photography, Surveillance | Braehead Shopping Centre, Terrorism Act 2000 | 2 Comments

Teflon Phorm and BT escape prosecution for secretly spying on subscribers

Even before I learnt how insidious and nasty Phorm was, I had an instant dislike of the company and those behind it.

I don’t like having my time and money wasted by advertising – and I am compelled to pay for advertising as the cost is built into the price of everything I buy.

Phorm seems to think it makes advertising ‘better’ by intercepting people’s web browsing, reading their web pages and inputs, and then serving ads on the pages they are looking at. The idea being it only shows people the ads they are interested in.

Those behind it could potentially make a fortune by selling precisely targeted advertising.

Apparently their twisted minds think this makes things better.

IT DOESN’T!

Not having animated adverts and other rubbish clogging most web pages and covering my screen would make things better – something that blocks every advert from my sight forever would make things better (and thank goodness there is such a thing, even if some advertisers have conspired to block all access to some web sites if they find us using it, so we can vote with our feet, and avoid any site that does such a thing).

Back in 2006 and 2007, Phorm and BT conspired to track the browsing of some 18,000 internet users, secretly and without informing them or seeking their permission.

The CPS recently ruled that there was insufficient evidence to prosecute BT and Phorm under the Regulation of Investigatory Powers Act 2000 (RIPA), which makes it an offence to intercept internet traffic without either the user’s explicit consent or a judicial warrant.

How much evidence do they need?

The CPS also said that a prosecution against BT and Phorm “would not be in the public interest”. It said that any offending was “the result of an honest mistake or genuine misunderstanding of the law” and that there was no evidence that anyone “suffered any loss or harm” as a result of the trial.

Since when was ignorance of the law an excuse?

I must try that if I am ever stopped for speeding (Sorry officer, didn’t see the sign, but I didn’t kill anyone, so it is okay and there is no need to report me).

Not surprisingly, BT said it was pleased that the CPS had decided not to prosecute, while Phorm had not returned a request for comment at time news of the “Get out of jail free card” was announced.

(I have noticed a few articles published recently which have criticised the Information Commissioner’s Office (ICO) for not acting, but these are wrong, as this sort of offence simply does not fall under the commissioner’s remit, and unfortunately only demonstrates ignorance on the author’s part.)

The last I heard was that Phorm was off to try to sell itself in countries like Brazil and China – which tells us about their morals.

The potential revenue must be huge if Phorm can impose itself on users, it seems to be a huge money-pit for investors looking at its published accounts: no recorded turnover and a pre-tax loss of $29.35 million (£17.95 million) in 2009 (last full year where this info is available). At it’s best, back in 2006, the American-based company recorded pre-tax losses of $11.54 million, on revenues of $1.27 million.

There is a much more detailed explanation of Phorm, their insidious activities of covert spying, and the weasel worded logic that appears to have aided their evasion of prosecution to be found in this article:

Phorm and the CPS’s playground justice | Richard Clayton | Comment is free | guardian.co.uk

This seems to omit an earlier revelation made a few years ago, when the matter first came to light, and that was a claim that Phorm was, shall we say ‘blessed’ with unofficial approval to carry on with developing their deep packet inspection techniques.

Why?

So that the authorities could have them do the work to develop the method, and then take the same technology and use it to spy on internet use under the umbrella of the need to carry out such monitoring as an anti-terror technique.

May 8, 2011 Posted by Apollo | Surveillance | advertising, BT, CPS, Phorm, prosecution, spying | Leave a Comment

A strange approach to data sharing

Some news coverage about the utterly insane desire of Facebook addicts to share their life stories, private and personal information,  and deepest family secrets online reminded me of a very strange article I had read recently regarding data sharing.

Before I go any further though, for those who haven’t realised the glaringly obvious – there are people out there rubbing their hands with glee, as they work their way through the information placed on Facebook (and all similar sites of course), as it makes it so easy to steal someone’s identity, and often contains all the answers to the standard security questions asked by organisations such as banks and building societies, to name but two.

Getting back on track, this was the article that had stuck in my mind:

Businesses unwilling to share data, but keen on government doing it | Technology | guardian.co.uk

The reason being that I couldn’t see what point the author was trying to make, and couldn’t decide whether he was just an idiot with no business awareness, or some sort of nut with his own agenda, and lucky to have an outlet.

The open sharing of data (and I refer to non-secret or sensitive data here) gathered by the Government seems to be something that should always have been done. It is data gathered with taxpayer’s money after all, presumably with at least a partial intent to determine how to redistribute those taxes, so one might assume there is some right of access to it. To be fair and reasonable, it probably was, but in the past, since it was recorded and stored in print, general access was not really practical, but once it was computerised, there was little by way of valid reason for not making it available to those who had funded its collection and collation.

However, this author seem to be making a big issue of companies not being willing to the same, and share non-personal data that they collect. He seems intent on suggesting this means business are not prepared to share data in the same way as the Government, and that there is some sort of problem.

His approach is beyond me, he is technically competent, and even refers to anonymised data, as if it can be shared freely, however he should be well aware that it is possible to cross-reference such supposedly anonymous data, and work out who it belongs to, or refers to, if enough  other data is available.

Perhaps he lives in a world where there is no industrial espionage. This doesn’t just happen in huge corporations, small business suffer from the same, and I had to take exceptional steps to ensure that staff did not leave with copies of customer/data/sales files from our systems when they left my employ, but it still didn’t wash out what they had in their heads, or had stashed away over the years. But, at least that sort of thing is a two-way process, and new arrivals brought their data with them from their previous employers.

The thing about this behaviour, which can’t really be controlled, is that it is at least limited, and the data concerned is time limited, and soon goes out of date.

This makes it quite different from suggesting that business share their data. As a data manager, I can easily understand how this would be desirable, and could bring advantages for all, but that would be in an ideal world. Unfortunately, in the real world, data gathering by individual business costs a small fortune, and provides sensitive information, so it’s unlikely there would ever be a sensible way for such data to be shared, and writing about it as if it something strange just seems pointless, and somewhat silly.

However, if the idea is to stimulate change for the future, then it may be quite a clever article.

Reason being, my business is part of a service controlled by the Government (but has nothing to do with the Government or politics, this is purely fiscal control), and part of the rules requires us to provide regular returns with categorised data and numbers related to total jobs completed within them. This data is therefore truly anonymous almost from source (as it does not carry any client data with it), and is completely anonymous when aggregated, as it is when it is returned to us as a monthly summary. While we cannot identify any other individual organisations such as ourselves, we can see if there are any general trends within the various areas we work and compete in, and can draw general conclusions from that.

Maybe his approach is not so far off after all, and he just didn’t get his idea over very well.

August 22, 2010 Posted by Apollo | Surveillance | data sharing, secrets | Leave a Comment

‘Mug’ shots sold to ID Card holders for £30 each

I find the irony of ID Card fans being charged £30 for the privilege of owning a reminder of their folly to be rather sweet.

The disgraceful ID Card scheme, the National Identity Register, and the lies we were told as the scheme changed from being voluntary to compulsory by a series of stealthy changes will come to an end within 100 days, as the new Home Secretary Theresa May has announced that legislation to remove the related laws forced through by the outgoing Government will be the first to be put before Parliament by the new government.

ID Cards – 100 day death sentence | PublicTechnology.net

15,000 people foolish enough to hand over £30 at the Manchester rollout of this con will not receive a refund, however Ms May said they would at least have a “souvenir” of the scheme.

Can you believe that the utter plonker who was originally responsible for this scheme, an obscure politician named David Blunkett who was going to make us all carry one if his cards, and who managed to get thrown out of his Government job not once, but twice, after making repeated gaffes that his bosses tried to ignore and gloss over, went to the papers and tried to recreate himself in some way, by threatening to sue the Government for the £30 he paid for his ID Card.

I might sue over scrapped ID card, says Blunkett – UK Politics, UK – The Independent

What a cheek! He should have been standing up and proclaiming his utter joy at having been granted the privilege of owning one of the ID Cards for a mere £30. They will be rare collectors’ items in future. I’m not sure of the ultimate number, I have seen claims of between 7,000 and 50,000 ID Cards being issued, despite Blunkett’s Labour Party being aware that every other party was going to scrap them after the General Election. The cost of the scheme was said to be £250 million over the eight years it was being pushed through regardless, against all opposition objections, with 15,000 paying £30 for each card worth £16,667 – which surely has to be a bargain. If the number was 50,000 then the cost of each card was a mere £5,000 – still a bargain at £30,  but who will ever know the truth?

Maybe David Blunkett should still be sued for the cost of the disgraced and scrapped ID Card scheme – paying off the bill might keep us safe from his demented publicity stunts.

I’m certainly not wasting my time hunting down the real numbers, so if the above – taken from various reports in the news – are wrong, don’t bother letting me know. I don’t care now that the billions – at least £5 billion, and no doubt many times more if the project had been allowed to continue – have been saved, especially given the dire financial straits the country was shown to be in after the General Election.

It was embarrassing to watch the previous Government ride roughshod over any protests against the scheme, and attempt to have this pointless scheme set in place before it lost office, as if it was intent on having it installed deeply enough to ensure that any following administration would not be able to afford to cancel and withdraw it, since every single other political party had announced its intention to do away with the scheme in their post-election manifestos.

I could have a laugh at the expense of those who supported these useless cards, but it’s perhaps better to let them speak for themselves, and how ridiculous their claims are (or were), remembering that there is no evidence to support the claimed anti-terrorism claims made for the ID Card, and that they did not replace ANY of the alternative forms of identification we already have available, which would still all continue to be needed, meaning this cards/system would still have been additional to what we already have, and more importantly, subscribe to voluntarily when we want or need the services they apply to:

BBC News – ‘Why I love my ID card’ (Seriously, this makes for truly sad reading if the writer believe all he has written.)

Civil service warning

While I’m not too interested in the words of fanatics, extremists, or those with their own agenda, I have had a look around some of the follow up stories that have appeared around the web since the news of the current ID Card scheme cancellation was confirmed, and some of it may just carry the worrying ring of truth.

There are claims that the bureaucrats and pen-pushers at Westminster are not too happy about the loss of the scheme, and that they had been rubbing their hands in joy at the prospect of having a database where everyone’s details were centralised, and of forcing people to carry a card that linked them to it. And it’s not hard to see how people who’s lives revolve around making rules and having people follow them would adore to have such a system in place.

I think it might be well worth watching the small print that related to the people of the bureaucratic Government services over the next few years, just in case they decide to use their skills to learn from the current ID Card and database fiasco, and use the next five years to form a new plan to introduce something similar once the current interest dies down, and they can come up with the reheated dregs under a new name.

BBC News – The nine lives of ID cards

Maybe they will come up with something ‘new’, like an Entitlement Card (and of course, a database containing details of the entire UK population to back it up).

Maybe you won’t be granted access to any Government related services if you don’t have one, so it won’t be compulsory, unless you want access even to your local council, or maybe even to prove you are entitled to have your bin emptied.

The story may be little more than ‘smoke and mirrors’, but where pen-pushers and Jobsworth’s are concerned, I never discount anything, no matter how unbelievable, fantastic, or unlikely it may sound, and this has a little more than just the smell of possibility to me, and thoughts of how kids behave when you take one of the favourite toys away from them. They don’t let go willingly, or forget.

ID Cards can still be had

If you’re really upset at not being tagged with a UK ID Card then you may wish to follow the link below, and keep one of their offering in you handbag or wallet. You could even fine yourself $1,000 any time you leave home without it, or forget it, and you could even lock yourself  indoors for 24 hours, just to simulate the feeling of being lifted by the police in a spot check to make sure you had your card with you.

It will probably be as secure as the UK ID Card, which I have seen newspaper articles which claim could be cracked in as little as 10 minutes, and new work suggests that biometrics are far from infallible.

Fluxcard Fake ID | Effective Fake ID Cards | Holograms and UV Fake IDs Features | Order Fake ID Online

June 15, 2010 Posted by Apollo | Civilian, Surveillance | ID cards, National Identity Database, privacy, security | Leave a Comment

The National Identity Register, ID Cards, and an election

While I don’t want to be accused of telling anyone how they should vote in a general election – as if anyone would listen to me anyway – I’m still not gagged, so that doesn’t preclude my observations regarding interesting things that might influence them.

I was going to precede this information with some introductory blurb, reflecting on the intriguing distribution of voting in general election in Scotland, but that would have infringed on the opening premise, so all I can do is quote the following, and suggest that most folk are not aware of the true implications of the ID Card, and more importantly, The National Identity Register, which is generally ignored, but much more sinister.

You may be perfectly happy to hand all your personal identification data over to the current Government which is power, but don’t forget, that will inevitably change one day, and has been seen in recent years, the principles of those in power do not necessarily stay the same.

It seems that every political party, except Labour (which has poured and will continue to pour ridiculous amounts of money into it), sees no future for ID Cards, the National Identity Register, and related projects.

If it’s so good, why does nobody else want it? They should all be beating a path to its door!

The issue has been fudged since it first appeared around 2002, and even now, it remains unclear just whose best interest it is in. Don’t forget, most of the reasons put forward by the Home Office can be shown to be ‘smoke and mirrors’, based on assumptions, not facts.

As of 26th April, opposition parties’ 2010 manifesto commitments on the National Identity Scheme stand as follows:

• The Conservatives (standing 631 candidates) will “scrap ID cards, the National Identity Register and the ContactPoint database”;
• The Liberal Democrats (631 candidates) will “scrap intrusive Identity Cards and have more police instead”. They also intend to “scrap plans for expensive, unnecessary new passports with additional biometric data”;
• The UK Independence Party (543 candidates) will “abolish ID cards” which involve “harvesting large amounts of highly sensitive personal data” and are “an ingredient in an increasingly intrusive surveillance society”;
• The Green Party (315 candidates) oppose ID cards and “also have grave concerns over the development of a national dataset, including detailed biometric data, which has potential for the infringement of civil liberties”;
• The British National Party (270 candidates) will “halt all moves to introduce ID cards as an undesirable manifestation of the surveillance society”;
• The Scottish National Party (59 candidates) would “cut the projects that the country doesn’t need and can no longer afford such as Trident, ID cards and deep storage nuclear dumps”;
• Plaid Cymru (40 candidates) will “continue to oppose legislation to make possible secret inquests, Internet monitoring, wasteful ID cards, the national DNA identity register and longer pre-charge periods of detention for suspects”;
• The Scottish Green Party (20 candidates) will not have ID cards which “are an unnecessary invasion of our privacy and will do nothing to prevent crime and terrorism”;
• The Social Democratic and Labour Party (18 candidates) will “continue to point to the savings possible by scrapping spending catastrophes of the current government such as the £5bn ID cards”;
• The Democratic Unionist Party (16 candidates) says “plans to introduce ID cards should be scrapped”;
• The Pirate Party (10 candidates) “strongly oppose compulsory ID cards, and pledge that we will never introduce them”;
• The Respect Party (11 candidates) succinctly states: “No ID cards”;
• The Alliance for Green Socialism (6 candidates) will “scrap ID cards and databases of personal information”;
• The Communist Party of Great Britain (6 candidates) calls for “an end to prolonged detention without charge, house arrest and plans for ID cards and full restoration of the rights of assembly, protest and free speech”;
• The Liberal Party (5 candidates) “oppose the introduction of ID Cards and the ‘Database’ State”;
• The Libertarian Party (4 candidates) will “immediately scrap the compulsory National ID card scheme”

From 2012 under a Labour administration, everyone needing a passport will be forced to enrol on a centralised ID database and be fingerprinted – and have to pay for the privilege of having their identity ‘managed’ by the state for the rest of their life. Labour’s manifesto pledge that “in the next Parliament ID cards and the ID scheme will be self-financing” is nonsense. The billions the scheme will cost have to come from somewhere, and it is the public who will pay.

Source: stop the database state » NO2ID

A centralised database is not even needed for proof

Although it’s only a local scheme in Wiltshire, and very new as I write, a scheme whereby young people can prove they are over 18 in order to gain entry to premises where proof of age is required appears to be making a successful start.

The interesting aspect of this scheme is that it provides its proof-of-age without having to refer to a centralised database, and relies on data encoded on a card, in this case fingerprint data. However, it does not contain any personal data, nor does it contain the fingerprint, which means if it is lost or stolen, it is useless to anyone else. And, as there is no need for it to refer to, or be linked to a central database holding the person’s details, there are no security implications resulting from its loss or theft.

See: touch2id – database free id for 18-25s

May 1, 2010 Posted by Apollo | Surveillance | ID cards, National Identity Database, privacy, security | Leave a Comment

Stop and Search under the Terrorism Act 2000

Lest anyone accuse me of trying to spin the only available data, I can only point out that I can only show what figures may be made available, so although I will refer to the preceding posts made in the Blog regarding harassment of photographer using the above Act as justification, I will object if anyone suggests I’m giving the following number as being photographers stopped, rather than merely “Stops and Searches”.

However, what I will point out is the thankfully small numbers listed for Scotland in the following statistics – regardless of anything else, it must make us glad to live here rather than most of the other areas listed.

200,444 people were stopped under Section 44 of the Terrorism Act 2000, in the year ending September 2009.

But, it is still a controversial subject, and it has been noted elsewhere that the European Court of Human Rights ruled that police who use Section 44 without grounds (my emphasis, Admin) for suspicion are violating individual freedoms and acting illegally. We also noted that the police announced their plans and intention to curtail use of these powers, Section 44 abuse of photographers continues despite warnings to police. It may be that this has been done, or perhaps the pattern of use has been altered to bring about a change, since the number for the year ending September 2008 was 227,431, meaning a fall of 12% this year compared to last.

Although only 124 were stopped in Scotland, we can still ask how effective the policy is, and if it is doing public relations damage? Only 965 (0.5%) were arrested after being stopped last year.

In the same period, the Metropolitan Police also made 1,896 stop and searches under Section 43 of the Terrorism Act 2000 (which was referred to in the preceding post, Photographer harassed by police in Kidlington), which allows an officer to stop a person they suspect to be a terrorist. Only four arrests resulted from the use of this particular section, a rate of just 0.2%.

What we don’t know from this particular set of Home Office figures is how many of the arrests resulted in charges or convictions, and how many of those arrested were merely left in a police cell for a few hours, then released without charge.

Stop and search 2008 and 2009

The data can be downloaded here: The full datasheet

What can you say?

Well, with 124 of 200,444 stops being in Scotland, then for the moment at least, I know where I prefer to be found.

datablog/2010/feb/25/stop-and-search-uksecurity”>Terror stop and search police statistics | News | guardian.co.uk

February 25, 2010 Posted by Apollo | Civilian, photography, Surveillance | Section 43, Section 44, Terrorism Act 2000 | Leave a Comment

Another nail in Phorm’s UK coffin

Insidious behavioural net advertising system Phorm felt another mail being driven into its UK coffin with the announcement that its UK manager director has jumped out of the boat.

When the media asked for a comment, the comment was No comment, and at the time of reporting, there was no indication that the former MD had gone to another job.

Interestingly, he is said to have become part of the operation back in December 2008, when then UK Chief Executive, Financial, and Operating Officers went, together with four other board members, at which point, the company also seems to have decided it would be a good idea to stop including a list of its executives’ names on its web site.

Since the UK ISPs (BT, Talk Talk, Virgin) have pulled the plug on their association with this sneaky organisation that carried out secret testing (with BT, and without customer’s consent or knowledge) of its intrusive behavioural ad-targetting system, seems that we may be seeing the ejection of this thing from our country, although it seems that foreign operators, such as those in countries like South Korea, see this as the sort of thing they want to have Phorm’s method of profiling a user’s every web visit via his/her ISP.

There seems to be some attempt to confuse the issue by comparing Phorm with Google, but the two are quite different, and Google certainly does not have direct access to user’s web history with the collusion of their ISP, as Phorm does. Google is nothing like Phorm, and uses information collected in the course of using its services, and does so cleverly, which has made them their fortune (and clearly made them their enemies too). Google tracking of user history can easily be thwarted by users if they really want to.

If someone tells you Google and Phorm are the same, or even similar, smell a rat, don’t believe them, or better still, have them explain how. They’ll either fail…  lie… or prove their ignorance. Or be part of the “Google is Evil” party, but you should be able to see that lot coming. Read the information – not the propaganda – and that even includes what you might read here, just in case I might be ever so slightly biased against Phorm, and get carried away (before them).

November 18, 2009 Posted by Apollo | Surveillance | advertising, Phorm, spying | Leave a Comment

Big Brother Watch

While it’s said that there is no such thing as bad publicity, it’s hard to see any real benefit in the scare stories spread by extremists and conspiracy theorists when the surveillance state, our civil liberties, and our personal freedoms are being considered. For one thing, the true stories are generally shocking enough all on their own, and need no such embellishments.

Glasgow has trialled surveillance cameras with microphones which can listen in without the knowledge of those being watched. The press has reported that the Mayor of Watford, Dorothy Thornhill, and her Council have just banned parents from watching their own children at two council play areas in the town. We just had the ridiculous scenario where it was suggested that parents who might help one another by looking after each others children, or merely drove them somewhere, would have to be officially vetted first. We now have The Independent Safeguarding Authority (ISA), created to help prevent unsuitable people from working with children and vulnerable adults, however some writers have suggested this body will be subject to abuse, claiming that not being registered with it will be interpreted can’t, and even those who have little contact with those it is intended to protect will end up having to register, or be disadvantaged.

A new campaigning group has been formed this month Big Brother Watch:

Coming this October, Big Brother Watch is the exciting new campaign from the founders of the TaxPayers’ Alliance, fighting intrusions on the privacy and liberties of ordinary Britons.

Big Brother Watch plans to produce regular investigative research papers on the erosion of civil liberties in the UK, beginning with a detailed investigation of the ways in which individual local authorities have encroached upon the lives of the ordinary British citizen, whether it be placing microchips in rubbish bins or snooping on your private telephone records. We will name and shame the local authorities most prone to authoritarian abuses.

We will also champion individual cases. We want to use the legal system to help the man in the street fight injustice and regain his personal freedom. We are building up a legal fund to back cases in which we feel a key principle is at stake.

…

Big Brother Watch also aims to expose the extent to which the web has become the first line in state surveillance. Recent examples of web companies being leant on to release personal data have opened the floodgates for the co-opting of internet activity into the state’s control. Safeguards are needed before it’s too late.

We hope Big Brother Watch will become the gadfly of the ruling class, a champion for civil liberties and personal freedom — and a force to help a future government roll back a decade of state interference in our lives.

This particular campaign is, of course, brand new. It remains to be seen how neutral it is, if there is an underlying agenda, and whether or not it is apolitical. These aspects can only truly be revealed in the fullness of time, as it develops a track record, however it does seem to form a broader platform than the various groups that have already formed to try and highlight the excesses of state intervention that have been railroaded into our lives on the back of claims that they are necessary for the “War on Terror”.

While I like to think I provide information to inform, I also try to avoid influencing anyone’s decisions (appeals against the destruction of historic sites excepted of course ), so I merely leave the last word to Big Brother Watch, and their own published mission statement:

Mission Statement

Big Brother Watch fights injustice and campaigns to protect our civil liberties and personal freedoms.

The British state has accumulated unprecedented power and the instinct of politicians and bureaucrats is to expand their power base even further into areas unknown in peace time.

Big Brother Watch campaigns to re-establish the balance of power between the state and individuals and families.

We look for the sly, slow seizure of control by the state – of power, of information and of our lives.

We advocate the return our liberties and freedoms and look to ordinary people to join our cause.

Big Brother Watch is on your side.

October 29, 2009 Posted by Apollo | Surveillance | campaign | Leave a Comment

Phorm still plays innocent

Poor old beleaguered Phorm just can’t win any friends, and its sneaky secret trials carried out in conjunction with BT, when it intercepted users data without asking for their permission or obtaining their consent, continues to haunt it – as it clearly should. It show the character of the company, and how far it, and its Webwise product can be trusted, and in which direction its moral compass points. It seems to be unable to understand what it did, and is doing, wrong, and continues with the same whining and fairy tales about how innocent it is, while avoiding the issue that its DPI (deep packet inspection) techniques involve direct, uninformed snooping on users personal data, in collusion with the ISP.

The All Party Parliamentary Communications Group (ApComms) has called the internet advertising industry’s self-regulation on behavioural advertising inadequate, with MPs and Lords calling for a change in the law to make it illegal for [i]behavioural advertising[/i] to be used with an internet user’s explicit consent to opt-in, and even backed suggestion for the creation of a privacy law. This is on top of an announcement from the Office of Fair Trading, which said it would be carrying out an investigation into the fairness of behavioural advertising.

The All Party Parliamentary Communications Group (ApComms) said the internet advertising industry’s self-regulation on behavioural advertising was inadequate, and that a law change was necessary.

It said: “We do not believe that it is at all appropriate to consider the deployment of any type of behavioural advertising system without explicit, informed, ‘opt-in’ by everyone whose data is to be processed, and whose behaviour is to be monitored and whose interests are to be deduced… We do not believe that ‘opt-out’, however commercially convenient, is the way that these systems should be run. To that extent, the Good Practice Principles promoted by the Internet Advertising Bureau are insufficient to protect people… We recommend that the Government review the existing legislation applying to behavioural
advertising, and bring forward new rules as needed, to ensure that these systems are only operated on an explicit, informed, opt-in basis.”

I could waffle on and on, but there would be little point as the ApComms report says most of what needs to be said (and lets Phorm openly shoot itself in the foot):

“Can we keep our hands of the net?”

Report of an inquiry by the All Party Parliamentary Communications Group

October 2009 : The report (46-page / 173 kb pdf)

October 23, 2009 Posted by Apollo | Surveillance | Phorm | Leave a Comment