Presentation is loading. Please wait.

Presentation is loading. Please wait.

Copyright 2013 1 Roger Clarke Xamax Consultancy, Canberra Visiting Professor in Cyberspace Law & Policy, UNSW Visiting Professor in Computer Science, ANU.

Similar presentations

Presentation on theme: "Copyright 2013 1 Roger Clarke Xamax Consultancy, Canberra Visiting Professor in Cyberspace Law & Policy, UNSW Visiting Professor in Computer Science, ANU."— Presentation transcript:

1 Copyright 2013 1 Roger Clarke Xamax Consultancy, Canberra Visiting Professor in Cyberspace Law & Policy, UNSW Visiting Professor in Computer Science, ANU Chair, Australian Privacy Foundation (APF) Advisory Board Member, Privacy International (PI) Secretary, Internet Society of Australia (ISOC-AU) {.html,.ppt} CPDP – Brussels – 24 January 2013 State Surveillance and Its Governance

2 Copyright 2013 2 State Surveillance and Its Governance AGENDA Categories of Surveillance PoV Surveillance as an Example Governance Principles for State Surveillance How to Get Them

3 Copyright 2013 3 Categories of Surveillance 1.Behavioural Surveillance (Observation) 2.Communications Surveillance (Interception) 3.Dataveillance 4. Location and Tracking Surveillance 5.Body Surveillance 6.Experiential / Attitudinal Surveillance (Reading, Associations) Combined, Omnipresent and/or Omniscient 'Überveillance' ==> Emergent Omnipotence?

4 Copyright 2013 4 State Use of the Categories of Surveillance 1.Physical Surveillance Unaided watching and listening – eyes and ears Aided by technology, incl. telescopic lenses, directional microphones, triggers Recorded 2.Comms Surveillance Eavesdropping Traffic Interception Access to Stored Traffic Reading, eExperiences 3.Dataveillance Consolidation, Matching, Warehousing, Mining Profiling National Id Schemes Spyware, Hacking 4.Loc, Track Surveillance Transaction Trails, Bug-Planting 5.Body Surveillance Anklets, Implants 6.Experiential / Attitudinal Surveillance

5 Copyright 2013 5 Point-of-View Surveillance Base Definition The use of a device to observe and/or record still- or moving-image and/or sound, that has the following characteristics: is human-borne points away from the human; and is designed to capture data from the person's point-of-view or line-of-sight Mounts may be on the head, spectacles, helmet, etc. May be obvious, non-obvious, or obfuscated

6 Copyright 2013 6 PoVS Technologies Extensions to achieve a Looser Definition Person-Attached Device, other than to the head e.g. shoulder-strap, belt Person-Held Device May be held at the eye, or in front of the eye, but may be held low, held above the head, etc. Personal-Device-Attached Device e.g. on a baton, taser, pistol... 55,000 minicameras mounted on Tasers... (NYT Advertorial, 21 Feb 2012)...

7 Copyright 2013 7 Not-but-Near-to PoVS Technologies CCTV and OCTV: Public Place Government, Corporate Personal ANPR: Fixed Mobile Point-to-Point Vehicle-Mounted In-Car Video (ICV) Drones Device-Mounted, but at, not from Web-cams...

8 Copyright 2013 8 Disbenefits and Risks of PoVS – 1 Requisite Distance Chilling-effect of the eye Inflammatoriness of the eye Get that camera out of my face! Duelling PoVS Falsifiability Suppression and Selectiveness

9 Copyright 2013 9 Disbenefits and Risks of PoVS – 2 Retrospective Use: Suspicion-generation Mapping of Social Networks Guilt by Proximity Revival and extension of Consorting Crimes Behavioural S || Comms S || Dataveillance Real-Time Use: Plausible criminalisation based on identity, location, video footage (and comms?) Predictive Use: Plausible criminalisation based on intention inferred from observed behaviour

10 Copyright 2013 10 Law Enforcement And Nat Sec Agencies (LEANS) Inherent Scope to Avoid Controls Necessary Delegation to Police of the decision to use force, and to arrest Magistrates courts favour police evidence LEANS may provide the only PoVS feed that is available to an investigator or court Failure to impose independent controls over illegal police behaviour

11 Copyright 2013 11 LEANS – Additional Rights and Constraints Examples from Surveillance Devices Act (Cth) Authorised to use optical surveillance devices, in public places, without a warrant, provided that "there is no entry to premises without permission and no interference with any vehicle or thing ( s.37) Judicial Warrants – advantageous conditions ( ss.1- 27) Self-Issued Warrants ( ss.28-36) Warrantless, in a few circumstances ( ss.37-40) ?Warrantless, in many more Can be covert, may be able to be suppressed ( ss.44- 48)

12 Copyright 2013 12 Sur cf. Sous Surveillance (sur = above) Enviro-centric Looks down from above, physically and hierarchically bosses watch employees police watch demonstrators taxis watch passengers shopkeepers watch shoppers Centralised control Often secret Breeds mistrust, which Breeds surveillance Breeds mistrust... Sousveillance (sous = below) Person-centric Looks up from below, less orgd, hierarchical demonstrators watch police shoppers watch shopkeepers citizens watch security people Distributed or no control Often open Individual or Community-based, which Breeds trust After a Steve Mann Analysis

13 Copyright 2013 13 The Range of Possible Counter-PoVS Powers To require a person to not use a PoVS device, in relation to particular activities, or in particular places To require a person to do an act re their PoVS devices: Delete recordings of particular activities To take actions in relation to a persons PoVS devices: Seize, i.e. remove from the person's possession Delete existing recordings of particular activities Disable particular functionality Inflict damage Destroy Confiscate, i.e. retain long-term or indefinitely

14 Copyright 2013 14 Actual Counter-PoVS Powers Under Australian and NSW Laws Major Events (Olympics, Gx, APEC, CHOGM,...) APEC Meeting (Police Powers) Act 2007 (NSW) Self-Authorised Special Powers – LEPRA Law Enforcement (Powers & Responsibilities) Act 02/07 (NSW) Enables NSW Police to self-authorise special powers in public places in the event of what it judges to be "public disorder". The powers include stop and search without warrant and without reasonable grounds for suspicion, and seizing and detaining, originally, a communication device, but since 2007 any "thing, if [its] seizure and detention... will assist in preventing or controlling a public disorder" (s.87M) Anti-Terrorism Laws

15 Copyright 2013 15 Counterveillance Principles 1.Independent Evaluation of Technology 2.A Moratorium on Technology Deployments 3.Open Information Flows 4.Consultation and Participation 5.Evaluation / Surveillance Impact Assessment 6.Design Principles ==> 7.Review Against Those Principles 8.Rollback

16 Copyright 2013 16 The Regulation of Surveillance – Design Principles 1.Justification 2.Proportionality 3.Openness 4.Access Security 5.Controlled Use 6.Controlled Disclosure 7.Controlled Publication 8.Non-Retention and Rapid Destruction 9.Review 10.Withdrawal

17 Copyright 2013 17 State Surveillance and Its Governance AGENDA Categories of Surveillance PoV Surveillance as an Example Governance Principles for State Surveillance How to Get Them

18 Copyright 2013 18 Standards Documents International Telecommunications Union (ITU, since 1865) Institute of Electrical and Electronics Engineers (IEEE, since 1884/1912/1963) International Organization for Standardization (ISO, since 1947) Internet Engineering Task Force (IETF, since 1986/1992) British Standards Institution (BSI, since 1901) US Govt National Institute of Standards and Technology (NIST, since 1901) American National Standards Institute (ANSI, since 1916) Deutsche Industrielle Normen (DIN, since 1917) Standards Australia (SA, since 1922) Origins in the Engineering Professions, esp. Construction

19 Copyright 2013 19 The Politics of Standards Institutionalisation and Scale Influence = ƒ( Meritocracy / Technocracy ) From Volunteer Professionals To Corporations, Government Agencies, Industry Associations Consumers / Citizens / Reps / Advocates ?? Influence from muted to nil, due to: Dominance of Meritocracy/Technocracy Dominance of Corporate Power Limited Resources for Analysis, Travel

20 Copyright 2013 20 So... Civil Society Standards Documents An alternative voice to the documents that are published by and for industry, and by and for governments A counter-balance to the power of industry and governments An antidote to civil society's exclusion / weak voice in industry standards processes Public Expectations: Articulated Communicated Available in Advance Benchmarks: Established Applied by Civil Society Applied by Others Protection of the public from badly conceived projects Assurance for investments both public and private

21 Copyright 2013 21 How To Get Governance Promulgate Standards Hammer Home the Absence of Governance Evaluate Against Those Standards Expose, and Exploit Embarrassment Media Backgrounders Media Releases Formal Reports by Civil Society Build External Coalitions of Interest Anonymity is needed by Undercover Operatives Location and Tracking Threatens Marketing, Strategy and Merger&Acquisition Execs

22 Copyright 2013 22 Roger Clarke Xamax Consultancy, Canberra Visiting Professor in Cyberspace Law & Policy, UNSW and in Computer Science, ANU Chair, Australian Privacy Foundation Advisory Board Member, Privacy International Director, ISOC-AU {.html,.ppt} CPDP – Brussels – 24 January 2013 State Surveillance and Its Governance

23 Copyright 2013 23

24 Copyright 2013 24

25 Copyright 2013 25 The Blurring of Speculative Fiction and Reality

26 Copyright 2013 26 Dimensions of Surveillance 1.Of What? 2.For Whom? 3.By Whom? 4.Why? 5.How? 6.Where? 7.When?

27 Copyright 2013 27 General Rights to Use PoVS On the Persons Own Property A general right, subject to provisos On Other Peoples Property A revocable right, subject to provisos In a Private Place Only if a party to the conversation? In a Public Place If a reasonable expectation of privacy exists Usability if obtained without permission? in breach? in violation of a denial of consent? e.g. breach of confidence? Privacy Act use / disclosure?

28 Copyright 2013 28 Constraints on General Rights to Use PoVS Property-Related Constraints On (or near?) Government Property Military Properties – Crimes Act (Cth) s.82 Clth Properties – Crimes Act (Cth) s.89 Designated Areas (Sydney Opera House!?) On Other Peoples Property Can be precluded internally, but maybe cannot preclude looking into the premises ?However, not inside a building if a reasonable expectation of privacy exists In Workplaces (NSW, ACT only?) mere notice that surveillance is undertaken some limits on private place magistrates authority for covert surveillance

29 Copyright 2013 29 Constraints on General Rights to Use PoVS Censorship and Anti-Voyeurism Laws (peeping-tom, upskirting, downblousing) ? Torts Land – Trespass, Nuisance Person – Trespass, Obstruction, Assault, AVOs (NSW)?? Emotional State – Harassment, Stalking, PSIOs (Vic)? Deceit – Factual Misrepresentation??, Passing-Off?? Specific Legislation, e.g.: Major Events (Olympics, G8, APEC) ?Party to the conversation ?Eavesdropping is/was a common-law offence But, in NSW, deleted in 1995 (s.580B of Crimes Act) ?Direct action by the subject of the surveillance; but protections are for PoVSers rather than the aggrieved

30 Copyright 2013 30 State Surveillance and Listening Devices Acts Vic, WA, NT (1998-2000) & NSW (2007), Qld Surveillance Devices Acts Prohibition of surveillance of a private activity, except: by someone who is a party to the activity if the activity is happening outside the building; or if the circumstances indicate that the parties do not care if they are seen SA, Tas, ACT 1971, 1972, 1990 Prohibition of aural surveillance of a private activity, except... Workplace (NSW, ACT) Must be declared Covert only with a magistrate's approval Anti-Voyeurism laws may put toilets, bathrooms, change-rooms off-limits

31 Copyright 2013 31 Unenforced Laws Candice Falzon & Sonny Bill Williams – April 2007 Apparently in breach of Crimes Act 1900 (NSW) ss. 91I-91M re voyeurism, and Surveillance Devices Act 2007 (NSW) s.8 re optical surveillance, BUT no prosecution found

32 Copyright 2013 32 Pragmatic Constraints Many public places are government-owned and some are privatised (e.g. airports) Powerful organisations are able to achieve a great deal more than weaker organisations and individuals: Larger Real Estate (industrial and commercial premises, hospital and university campuses, malls,...) Access to Parliaments, by: Government agencies Large corporations Industry associations

33 Copyright 2013 33 recording-a-police-officer-could-get-you-15-years-in-jail/

34 Copyright 2013 34 Uncontrolled Use of Such Laws in Australia December 2008 re Nick Holmes a Court Camera-enabled Blackberry confiscated Without apparent justification Presumption of authority under Anti-Terrorism laws Reports suggest previous such incidents australian-threatened-with-arrest-under-australian-anti- terrorism-act-for-being-a-citizen-journalist fna7dq6e-1111118412772

35 Copyright 2013 35 article_017a720a-56ce-11e1-afc4-001871e3ce6c.html

36 Copyright 2013 36 Precepts Terrorism is not new and nor is it unusual Although the 'power to weight ratio' of a single strike has increased (because fewer terrorists can deliver a bigger payload), this does not have particularly significant implications for public policy Reactionary extremism must not be accepted at face value. National security and law enforcement interests cannot have carte blanche to do what they say needs to be done in order to counter the threats Secrecy is not a necessary pre-condition of Security It is not legitimate to treat Public Safety issues as though they were National Security matters A single State identity does not stop 'virgin terrorists'

37 Copyright 2013 37 Law Reform Recommendations – Ignored? 1983Australian Law Reform Commission appears to have addressed some aspects relevant to the issues (ALRC 1983, c. para. 1125) 1995NSW Privacy Committee provided Recommendations in relation to surveillance in the workplace (NSWPC 1995) 2005NSW Law Reform Commission made Recommendations in relation to both Overt Surveillance and Covert Surveillance (NSWLRC 2005) 2008Australian Law Reform Commission briefly discussed surveillance, made no direct Recommendations but Recommendation 74-1 re a Statutory Cause of Action lists as an example of a serious invasion of privacy:... (b) where an individual has been subjected to unauthorised surveillance (ALRC 2008) 2010Victorian Law Reform Commission recommended a law and a set of guiding principles for the responsible use of surveillance devices in public places (VLRC 2010)

38 Copyright 2013 38 Challenges Involved in Achieving Balance Advertorials, even in the NYT, today 21 Feb 12 Public-Private Partnerships cf. Procurement Probity Policemen in Corporate Promo Videos One-Sided Expression of Potential Benefits e.g. negating false complaints cf. appropriate resolution of complaints Marginalisation of Disbenefits and Risks Absence of Risk and of Privacy Impact Assessment Absence of Consultative Processes with Advocates Absence of Requirements-Based Scheme Design

39 Copyright 2013 39 Media Use of (PoV)Surveillance – Specific Principle DO NOT, unless a clear justification exists: seek or gather personal data observe or record personal behaviour Base justification only on: consent by the person to whom the data relates express legal authority; or an over-riding public interest The nature of the activities, and their degree of intrusiveness: must reflect the nature and extent of any consent provided must reflect the nature and extent of any express legal authority; and must be proportionate to the nature and significance of the public interest arising in the particular circumstances

40 Copyright 2013 40 Media Use of (PoV) Surveillance Controlled Activities 1.Activities that intrude into the person's private space 2.Activities that intrude into the person's reasonable expectations, even though they are in a public space 3.Deceit, such as: masquerade misrepresentation or subterfuge pretexting / blagging, masquerade unexpected observation or recording 4.Exploitation of vulnerability, naiveté or ignorance, esp. children, limited mental capacity, etc. 5.Intrusions into private space of people in sensitive situations 6.Coercion, incl. implication of a legal or moral obligation, intimidation, excessive persistence 7.Perceived trespass, nuisance, obstruction, pursuit, harassment or stalking

41 Copyright 2013 41 Australian Privacy Foundation (Sep 2009) Policy Statement re Visual Surveillance 1.Justification... a Privacy Impact Assessment (PIA) must be conducted...... publication of a clear explanation...... public consultation...... consideration of less privacy-invasive alternatives 2.Proportionality... benefits... must outweigh the negative impacts...... no more intensive... and no more extensive than justified

42 Copyright 2013 42 Australian Privacy Foundation (Sep 2009) Policy Statement re Visual Surveillance 3.Openness / Transparency Covert requires formal, specific and bounded legal authority, issued by an independent judicial institution Overt, in private space and in public spaces where a reasonable expectation of privacy exists,, and must disclosed and clearly notified Overt, in public spaces, must be disclosed, clearly notified In all cases, any identifiable data arising, under any circumstances, must be treated as personal data under data protection laws

Download ppt "Copyright 2013 1 Roger Clarke Xamax Consultancy, Canberra Visiting Professor in Cyberspace Law & Policy, UNSW Visiting Professor in Computer Science, ANU."

Similar presentations

Ads by Google