The Globe and Mail reports that Canada’s Justice Minister Rob Nicholson announced this week that Bill C-30 is officially dead. In the announcement, Nicholson said the government abandoned the bill after listening “to the concerns of Canadians.” He also said that any attempts to modernize the country’s criminal code will not contain “warrantless mandatory disclosure of basic subscriber information or the the requirement for telecommunications service providers to build intercept capability within their systems.”

The bad parts of the bill may be dead, but Canada is preserving one part of it for law enforcement. The police will be allowed to make use of warrantless wiretaps in the case of an emergency, but there are a few important caveats included in the legislation.

For one, police must alert citizens they were subject to a wiretap after an investigation has been closed. The government is also required to issue annual reports on how wiretaps are used. Finally, warrantless wiretaps are restricted to only certain officials for certain crimes.

It’s certainly different from how wiretapping works in the U.S. FISA allows the government to wiretap anyone without a warrant, and without ever notifying them. Some members of Congress have worked towards making it more transparent, but proponents argue that it must be kept secret.

Canada’s killing of C-30 comes on the heels of an expected cybersecurity executive order that may very well curtail more privacy on the Internet for Americans. Maybe it’s time American lawmakers looked north for a little inspiration for how Internet surveillance should really work – limited and transparent.

Ars Technica reports that the final CleanIT report has been published ahead of its final conference on Wednesday. The report discusses methods in which the government, private companies and individuals can help reduce the proliferation of terroristic content on the Internet. The report suggests that EU member states work together to decrease the amount of terroristic content online, while Internet companies should “state clearly in their terms and conditions that they will not tolerate terrorist use of the Internet on their platforms.”

So, you’ve seen what the government wants itself and companies to do, but what should you, the model EU citizen, do? The report calls for a reporting mechanism to be built into Web browsers so citizens can flag terrorist content:

Challenge:
While content portals (like social networks, image or video portals) can offer ‘flagging’ opportunities, other platforms (like hosted websites) often lack such a mechanism. Moreover, there is not one international, user-friendly reporting mechanism available to all Internet users, irrespective of which part of the Internet they are using at the moment they notice what they think is terrorist use of the Internet.

Best practice:
A browser-based reporting mechanism could be developed to allow end users to report terrorist use of the Internet.

In essence, the CleanIT group wants to put a little panic button at the top right of your browser that’s for terrorist reporting. If you see a terrorist Web site, you click the button and the URL is sent away to the Internet police. What could possibly go wrong?

As Ars Technica puts it, “plenty” could go wrong. The main concern is that nobody can agree on what constitutes terroristic content. Is it a blog post of somebody using violent rhetoric? Is it the Twitter account of a known terrorist cell? Does anybody even have the right to remove such content, or does it fall under free speech protections? Can people abuse the reporting system to have content removed without due process? These are questions that the group will have to answer at its conference on Wednesday.

The proposals will also face some serious scrutiny at the conference as it has already been reportedly criticized by lawyers, civil rights groups, and even the peer reviewers that evaluated the final report. One of the peer reviewers criticized the CleanIT report saying that it “does not clearly explain how the objective is to be reached… Therefore I have substantial doubts if it possible to achieve the desired objective this way.”

As the peer reviewer points out, stopping the flow of terroristic content on the Web, or any content for that matter, is incredibly difficult. The U.S’s Bipartisan Policy Center said just as much in a report it published last year about terroristic content online. The report said that the best chance of stopping terrorism online is to reduce the supply and demand for such content. Drawing attention to it, which CleanIT’s proposal may very well do, is only going to further the cause of those who use the Internet to recruit and communicate with other terrorists and ne’er-do-wells.

The CATO Institute recently put together a short video detailing how rushed the FISA debate was before it was passed by the Senate. It goes into detail on all the amendments proposed by the likes of Rand Paul, Patrick Leahy, Ron Wyden and others. These amendments would have better protected the fourth amendment in the digital age, but the bill’s supporters were having none of it.

As TechDirt points out, the most insane moment of the entire debate is when Sen. Dianne Feinsteine, the bill’s sponsor, said Wyden’s request to know how many Americans have been targeted by FISA must be kept secret for a secret reason. She claims to have a classified document that contains the reason, and she’s willing to show it, but isn’t willing to let anyone read it.

It’s ridiculous to think that a law that should only be targeting foreign communications is wrapped in so many secrets regarding its use in targeting U.S. citizens. It’s like the government is saying that you signed away your digital rights as soon as you started using the Internet or a mobile device. It seems that the only way to truly protect your privacy anymore is to completely remove yourself from the Internet, and only use forms of communication that are protected by the fourth amendment – like snail mail.

What do you think of facial recognition? Do you find it amazing or frightening? Let us know.

A handful of companies, including Face.com, is bringing this exciting concept to everyone. Gil Hirsch, Face.com’s CEO, spoke with WebProNews and told us that people are becoming increasingly captivated with data and how it relates to other people they know.

“People are interested to harvest as much information they can from photos and videos… to connect with other people,” he said.

“It’s [Face.com] just another platform to connect with other people,” he added.

Face.com powers the popular Photo Finder and Photo Tagger Facebook apps. It also sends alerts to Facebook users if it thinks a picture or video of him or her may have been uploaded.

Hirsch believes the service enables a “deeper value of connecting,” and said it continually makes improvements. For instance, the Israel-based company recently updated its API and added several attributes. Not only can the company read faces, but now, it can also detect a subject’s age, gender, and even mood.

According to Hirsch, they play around with a lot of different attributes based on what users want to learn. With the recent improvements, Face.com can detect a person’s minimum age, maximum age, estimated age, and the confidence level of its estimations. It can also detect what the gender is and make an assumption about the mood of the person.

The news of the improvements have been widely publicized, but most of the headlines have focused on the fact that fake ID’s would be much harder to use with this new development. Although it’s true, Hirsch told us that this was not the company’s intention.

“We are not looking for security or surveillance-type of applications,” he said.

However, society continues to associate facial recognition with security purposes or in relation to spying on people. As a result, a lot of people are freaked out by it. Hirsch, in part, blames Hollywood for this association.

“Hollywood only presented face recognition as this one-trick pony… that you can only do surveillance and follow up on people,” he explained. “We’re trying to do something very different.”

The International Biometrics and Identification Association (IBIA) raised some red flags about the concept in a recent report. According to the organization, facial recognition applications “must be deployed with utmost sensitivity to the privacy of the consumer and the general public.” It also calls for self-regulatory measures for the industry.

Hirsch told us that it takes privacy very seriously and is trying to change the perception that facial recognition is directly related to surveillance. Face.com, along with Google, Facebook, and other companies, recently presented their work to the FTC to show that they care about user privacy.

For Face.com, specifically, the API is restrictive. There is a limit to the number of images that are processed, and the recognition is limited to only the people you know. In other words, a person can’t simply point a camera to anyone on the street and see who they are.

“We’re looking for value-added services – stuff that makes people feel good about the service, not bad,” said Hirsch.

He went on to say that Face.com already enforces self-regulation since it is focused on the end user experience. He also said that it would “make sense” to have a industry standard to not only ensure that users are protected, but to also change the negative perception that is often equated with facial recognition.

Has your opinion of facial recognition changed? Why or why not? We’d love to hear your thoughts.

Scared yet?

As pointed out by GeekOSystem.com, the applications for such software are naturally aimed at surveillance programs, ones that monitor a large number of people at a given time. Think sporting events, shopping malls, and public transportation hubs. Leading the article is a video that details the software, and shows the various applications its capable of. Let’s just say recognizing and storing these faces is only the beginning.

Scanned faces can then be searched for in other footage, allowing the watchers to monitor the selected person’s activity, provided there’s additional footage of them available. GeekOSystem’s take on the application of such software is even more revealing:

Once you have a face identified with the system, you can click the thumbnail and receive a wealth of search results, including every other clip the identified individual is in. This allows you to pick out someone sketchy in one scene and immediately see where they were before and after, plus it also allows you to upload a suitable photo and then use the system to see if the person is, or isn’t, in the area. That is, so long as they’ve glanced towards a camera.

This sounds like something the British Government would wholly embrace.

In an article titled, “The NSA Is Building The Country’s Biggest Spy Center (Watch What You Say)”, Wired writer and NSA expert James Bamford detailed the agency’s new “Utah Data Center” that will spy on communications from around the world and from America’s own citizens.

Bamford described an NSA that has set up a national infrastructure tailored towards the collection and decryption of millions of messages sent from Americans to other Americans. It’s Big Brother at its best and Bamford claims it’s being done in total secrecy.

That alone is pretty damning of the NSA, but there’s more. Bamford talked to a lot of eyewitnesses and got the inside story of what may be a huge scandal if revealed to be true. Congress got wind of this story and invited NSA chief General Keith Alexander to defend his agency.

In all, he denied the allegations made in the Wired story a total of fourteen times. After explaining that the NSA doesn’t have the technical capability to spy on the sort of level described by Bamford, he replies to every other subsequent question with just a “no.”

Check out the video of the proceedings. You can decide for yourself if General Alexander was being truthful or not.

The Internet is pretty sensitive to these sort of allegations. Even if the NSA is not collecting information, the very thought is enough to send the Internet into a tizzy.

[Source: Wired]

Joanne Kuzma of the University of Worcester, England, has analyzed photos that clearly show children’s faces on the photo sharing site Flickr. She found that a significant proportion of those analyzed were geotagged and a large number of those were associated with 50 of the more expensive residential zip codes in the USA.

The location information could possibly be used to locate a child’s home or other location based on information publicly available on Flickr,” explains Kuzma. “Publishing geolocation data raises concerns about privacy and security of children when such personalized information is available to internet users who may have dubious reasons for accessing this data.”

Geotagging is the process of adding geographical identification metadata to various media, including photographs. The necessary tools are often built into camera and camera phones and either use the mobile phone networks or global positioning system (GPS) to pinpoint a given photo. The tool is very useful for photographers wanting to keep track of the places they shoot. The same technology can also have applications in forensics. Websites such as Flickr and many other photo-sharing and social networking sites can also utilize this metadata or allow users to add the appropriate geotags to their photos manually.

Flickr automatically strips geotag information from uploaded photos unless the user has specified that they wish that info to be maintained. In those cases, Flickr even features a mapping interface so a photos location of origin can be viewed on a map.

Kuzma found that all the zip code locations analyzed had geotagged images of children, new babies in and around the family homes, all searchable in the public areas of the site. All of the geotagged images could easily be superimposed on a map of a given area, which Kuzma suggests might pose a significant security and privacy risk.

She says that users should understand the implications of this new technology and post only appropriate data to protect themselves and their children. However, she also adds that, “The industry needs to better inform parents and individuals who post pictures to public websites that geolocation information can have both advantages as well as repercussions, as safety must be a priority.”

Some have expressed concern that such ubiquitous tracking of license plates is a violation of the Fourth Amendment to the U.S. Constitution., which protects citizens against unreasonable search and seizure and outlines the necessity of warrants in searches.

However, the counter-argument is that the U.S. Supreme Court ruled in 1967 that the Fourteenth Amendment’s protections only apply when there is a “reasonable expectation of privacy”. License plates are issued by the state, and technically remain property of the state. Police are certainly permitted to read and run your plates. Supporters of the scanning technology say that this only allows them to do that faster. Beyond that, the rules of probable cause and searches still apply.

The great concern that some have now is that data from these scans is now being compiled. They fear that profiles can be built to construct a data “picture” of a person’s movements. Over time, that kind of tracking, can yield quite a profile on a person in terms of personal habits and proclivities. And, if your cameras are concentrated thickly enough in an area (Washington, DC has one reader per square mile, so far) that picture gains definition quickly. With enough info, it is almost as unbroken a stream of info as a GPS tracking device would provide.

And now, there is a new wrinkle. This data is not held by the police, but by a private company.

California-based Vigilant Video sells license plate scanners. It has competitors. But, what Vigilant does is unique. They compile a database of the scans – hundreds of millions of them – and have built the National Vehicle Location Service. The service is available to use for free by law enforcement.

What sort of result could come from identifying and tracking capability held by private companies?

Of course, we already have that, to some degree. For example, on a Facebook post I made recently about reading Stephen King’s newest book, this appeared:

We’re used to those. But, could we get to the level of Minority Report ads? Is it a matter of “if”? Or of “when”?

I’m glad you asked.

Have a look at one of Vigilant Video’s other databases. This one is called LineUp. It stores facial and full-body recognition profiles into a database. Profiles, not just of someone committing a crime, but of anyone who walked into the surveillance area.

Of course, Vigilant Video company reps are quick to point out that only authorized law enforcement agencies can use their databases. But, privacy advocates are always quick to add: “For now…”

While social media sites like Twitter and Facebook have become integral for protesters to organize events, government officials in Malaysia have taken a page out of this playbook and used it against the protesters. Wall Street Journal describes the effort:

The Royal Malaysia Police are now using their own official Facebook and Twitter pages – typically filled with traffic warnings and information on crime rates – to hopefully prevent a planned rally in support of Malaysian opposition leader Anwar Ibrahim on Jan. 9, when the verdict on his two-year sodomy trial is expected.

Sharing photos and videos of past riots – including the raucous London demonstrations that shook Britain last August – the Malaysian police warned that peaceful assemblies can easily devolve into chaos, and “should be a lesson” to Malaysians.

“Should be a lesson”? Nice words of intimidation and fear-mongering. Still, the Facebook page for the Malaysian police don’t seem to be short on popularity as it has nearly 100,000 likes while their Twitter account, which was only launched last September, has nearly 10,000 followers. Of course, likes and followers does not necessarily imply support for the government’s tactics. It could just as well be an online episode of cat-and-mouse between protesters and the government: government watches the protesters, and the protesters watch the government. While both sides try to stay one step ahead of the other, the meantime result is the perception of greater online popularity. But is anybody even really surprised that the government is using social media to monitor the activity of dissident groups? Malaysia’s police aren’t alone in this act nor are they the first.

In what sounds like the most dystopian novel I’ve ever read, Wikileaks explained the extent of the surveillance operation in a release:

International surveillance companies are based in the more technologically sophisticated countries, and they sell their technology on to every country of the world. This industry is, in practice, unregulated. Intelligence agencies, military forces and police authorities are able to silently, and on mass, and secretly intercept calls and take over computers without the help or knowledge of the telecommunication providers. Users’ physical location can be tracked if they are carrying a mobile phone, even if it is only on stand by.

But the WikiLeaks Spy Files are more than just about ’good Western countries’ exporting to ’bad developing world countries’. Western companies are also selling a vast range of mass surveillance equipment to Western intelligence agencies. In traditional spy stories, intelligence agencies like MI5 bug the phone of one or two people of interest. In the last ten years systems for indiscriminate, mass surveillance have become the norm. Intelligence companies such as VASTech secretly sell equipment to permanently record the phone calls of entire nations. Others record the location of every mobile phone in a city, down to 50 meters. Systems to infect every Facebook user, or smart-phone owner of an entire population group are on the intelligence market.

The Wikileaks release also explains that citizens involved in overthrowing their respective dictators during the Arab Spring this year discovered listening rooms “where devices from Gamma corporation of the UK, Amesys of France, VASTech of South Africa and ZTE Corp of China monitored their every move online and on the phone.” Further, the Spyfiles announcement details how surveillance entities in the U.S., Italy and France have manufactured viruses to infiltrate private computers and smart phones – they’re looking at you, iPhone, Blackberry, and Gmail users – in order to essentially hijack the device and record its every movement.

Wikileaks cohort OWNI have taken the Spyfiles release and created a remarkably fascinating – and outright terrifying – interactive map to help make sense of this new information to the visually-inclined. Go ahead and play around with it and become scared.

Not included in the video above is an extended account of how intelligence surveillance isn’t only limited to certain regions of the world:

But software users in the West are not safe either. Assange and other members of the panel told reporters how Western intelligence services used electronic devices to monitor the activities of its citizens. In Britain MI5 apparently used specialized voice recognition software implanted into cell phones that could make out who was speaking to whom. Other intelligence agencies had the ability to figure out where exactly the user was located, what they were typing and what they looked like. One of the programs allowed agencies to take photos of unsuspecting victims by using cameras implanted into their phones.

One intrepid tweeter already seems to have corroborated Wikipedia’s claim:

More mysterious is that Wikileaks seems to be experiencing some accessibility issues with their website right now following the release of the Spyfiles:

Not to be crass about what has been a pretty sobering article up to this point, but does this mean that I should hurry up and pay my parking tickets now or is it really just too late to even worry about that?