すべて読む | オープンソースセクション | オープンソース | Wine |
関連ストーリー:
雑誌データをAIで分析して醸造したクラフトビールが登場 2020年07月16日
厚労省、やむをえない場合に医療機関で酒類を消毒液として使用することを認める通達を出す 2020年04月13日
コロナ対策の消毒用にメタノールを使うトラブルへの懸念、イランでは死亡事故も 2020年03月11日
LGが家庭用ビール醸造マシンを発表、日本では酒税法に注意 2019年01月17日
インディカーのエタノール燃料に2000万円の酒税 2007年02月10日
すべて読む | オープンソースセクション | オープンソース | Wine |
関連ストーリー:
雑誌データをAIで分析して醸造したクラフトビールが登場 2020年07月16日
厚労省、やむをえない場合に医療機関で酒類を消毒液として使用することを認める通達を出す 2020年04月13日
コロナ対策の消毒用にメタノールを使うトラブルへの懸念、イランでは死亡事故も 2020年03月11日
LGが家庭用ビール醸造マシンを発表、日本では酒税法に注意 2019年01月17日
インディカーのエタノール燃料に2000万円の酒税 2007年02月10日
In the days following the police shooting of Jacob Blake on August 23, 2020, hundreds of protestors marched in the streets of Kenosha, Wisconsin. Federal law enforcement, it turns out, collected location data on many of those protesters. The Bureau of Alcohol, Tobacco and Firearms (ATF) used a series of “geofence warrants” to force Google to hand over data on people who were in the vicinity of—but potentially as far as a football field away from—property damage incidents. These warrants, which police are increasingly using across the country, threaten the right to protest and violate the Fourth Amendment.
Geofence warrants require companies to provide information on every electronic device in a geographical area during a given time period. ATF used at least 12 geofence warrants issued to Google—the only company known to provide data in response to these warrants—to collect people’s location data during the Kenosha protests. The center of each geographic area was a suspected arson incident. However, the warrants reach broadly and require location data for long periods of time. One of the warrants encompassed a third of a major public park for a two-hour window during the protests. The ATF effectively threw a surveillance dragnet over many protesters, using “general warrants” that violate the Fourth Amendment and threaten the First Amendment right to protest free from government spying.
Police can use geofence warrants to collect information on and movements of innocent people at protests. This can include device information, account information, email addresses, phone numbers, and information on Google services used by the device owner, and the data can come from both Android and Apple devices. Someone who goes to a protest and happens to be nearby when a crime occurs may get caught up in a police investigation. Police in Minneapolis, for example, used a geofence warrant during the protests over the killing of George Floyd. The public only learned about it because the dragnet, centered around a property damage incident, caught an innocent bystander filming the protests, and Google notified him (which it doesn’t always do). The police can also use this data to create dossiers on activists and organizers.
In this way, geofence warrants also eliminate anonymity that people may rely on in order to protest or otherwise freely associate in public spaces. Law enforcement’s ability to catalogue the location of peaceful protestors will chill their exercise of their First Amendment rights. This is especially problematic when, as with the August 2020 protests in Kenosha, people are taking to the streets to hold the police themselves accountable.
Google recently published data showing that police have issued at least 20,000 warrants, just over the last three years, and the sheer volume of these warrants is increasing exponentially year over year. For example, California issued 209 geofence warrant requests in 2018, but in 2020, it issued nearly 2,000. Each warrant may result in the disclosure of information on tens or hundreds of devices. The vast majority of these warrants are issued by state and local police, which makes them difficult to track.
Google must start standing up for its users against this massive overreach. In addition to serious harms to privacy and free expression, geofence warrants operate without transparency. After years of pressure, Google has finally provided some limited data. But the vast majority of geofence warrants remain sealed, with no information from Google or law enforcement on their targets, geographic area and length of time, and their purported justifications. As a result, most people have no way of knowing whether they are caught up in one of these dragnets. Such uncertainty further chills the constitutional rights to freely protest and associate.
The twentieth anniversary of the attacks of September 11, 2021 are a good time to reflect on the world we’ve built since then. Those attacks caused incalculable heartbreak, anger and fear. But by now it is clear that far too many things that were put into place in the immediate aftermath of the attacks, especially in the areas of surveillance and government secrecy, are deeply problematic for our democracy, privacy and fairness. It’s time to set things right.
The public centerpiece of our effort to increase government surveillance in response to the attacks was the passage of the Patriot Act, which will have its own 20th anniversary on October 26. But much more happened, and far too much of it was not revealed until years later. Our government developed a huge and expensive set of secret spying operations that eviscerated the line between domestic and foreign surveillance and swept up millions of non-suspect Americans' communications and records. With some small but critical exceptions, Congress almost completely abdicated its responsibility to check the power of the Executive. Later, the secret FISA court shifted from merely approving specific warrants to a quasi-agency charged with reviewing entire huge secret programs without either the knowledge or the authority to provide meaningful oversight. All of these are a critical part of the legacy of September 11.
Yet even after all of these years, there’s no clear evidence that you can surveil yourself to safety.
Of course, we did not invent national security or domestic surveillance overreach 20 years ago. Since the creation of the Federal Bureau of Investigation in the early twentieth century, and the creation of the National Security Agency in 1952, the federal government has been reprimanded and reformed for overreaching and violating constitutionally protected rights. Even before 9/11, the NSA’s program FAIRVIEW forged agreements between the government agency and telecom companies in order to monitor phone calls going in and out of the country. But 9/11 gave the NSA the inciting incident it needed to take what it has long wanted: a shift to a collect-it-all strategy inside the U.S. to match, in many ways, the one it had already developed outside the U.S., and the secret governmental support to try to make it happen. As for those of us in the general public, we were told in the abstract that giving up our privacy would make us more secure even as we were kept in the dark about what that actually meant, especially for the Muslims and other Americans unfairly targeted.
The surveillance infrastructure forged or augmented in the post-war-on-terror world is largely still with us. In the case of the United States, in addition to the computer servers, giant analysis buildings, weak or wrong legal justifications, and the secret price tag, one of the lasting and more harmful effects has been on the public. Specifically, we are still too often beholden to the mentality that collecting and analyzing enough information can keep a nation safe. Yet even after all of these years, there’s no clear evidence that you can surveil yourself to safety. This is true in general but it’s especially true for international terrorism threats, which have never been numerous or alike enough to be used to train machine learning models, much less make trustworthy predictions.
But there are copious amounts of evidence of ongoing surveillance metastasis: the intelligence fusion centers, the national security apparatus, the Department of Homeland Security, enhanced border and customs surveillance have been deputized to do things far afield from their original purpose of preventing another foreign terrorist attack. Even without serious transparency, we know that those powers and tools have been used for political policing, surveilling activists and immigrants, denying entry to people because of their political stances on social media, and putting entire border communities under surveillance.
The news in the past 20 years isn’t all bad, though. We have seen the government end many of the specific methods developed and deployed by the NSA immediately after 9/11. This includes the infamous bulk call details record program (albeit replaced with an only slightly less problematic program). It also includes the NSA’s metadata collection and the “about” searching done under the UPSTREAM program off of the Internet backbone. We also have cut back on the unlimited gag orders accompanying National Security Letters. Each of these was accomplished through different paths, but none of them exist today as they did immediately after 9/11. We even pushed through some modest reforms of the FISA court.
But the biggest good news is the growth of encryption across the digital world, from the encrypting of links between the servers of giants like Google, to the Let’s Encrypt project encrypting web traffic, to the rise of end-to-end encrypted tools like Signal and WhatsApp that have given people around the world greater protections against surveillance even as the governments have become more voracious in their appetites for our data. Of course, the fights over encryption continue, but we should note and celebrate our victories when we can.
Other nefarious programs continue, including the Internet backbone surveillance that EFF has long sought to bring to the public courts in Jewel v. NSA. And in addition to federal surveillance, we’ve seen the filtering of the “collect it all” mentality manifest in our local police departments both through massive surveillance technology injections and in the slow enmeshing of local with federal surveillance. We still do not have a full public account of the types and scope of surveillance that has been deployed domestically, much less internationally, although EFF is trying to piece some of it together with our Atlas of Surveillance.
Twenty years is a good long time. We now know more of what our government did in the aftermath and we know how little safety most of these programs produced, along with the disproportionate impact it had on some of our most vulnerable communities. It’s time to start applying the clear lessons from that time and continue to uncover, question, and dismantle both the mass surveillance and the unfettered secrecy that were ushered in when we were all afraid.
This post has been updated to provide additional context about patents and patent applications, which are indications of an entity’s interest in a particular product but not proof that the product is currently in development or available for use. You can read more about the role of patents in this series in our post, “The Catalog of Carceral Surveillance: Patents Aren't Products (Yet)”
Prison phone companies have been profiting off the desire for human connection for as long as they’ve been in business. Historically, there’s been one primary instrument for that connection — voice — and only one way to milk it for revenue: by charging exorbitant rates for phone calls. It’s been a profitable business model for both the companies and their partners, the jails and prisons.
In recent years, though, prison reform advocates and the families of people who are incarcerated, sick of dumping their savings into the maws of these phone providers, have worked to tip this cash cow. They made enough noise that the Federal Communication Commission (FCC) set a cap on per-minute charges on interstate phone calls.
So two of the largest providers of prison communications have initiated new ways of mining inmates for income.
Prisoners know their calls while in-custody are generally being monitored. Prisoners may also be aware that they’re being recorded (both legally and not so legally). Still, it may shock prisoners that Securus and GTL are working to monetize their ability to eavesdrop on and catalogue thousands of voices traversing the phone lines of penal facilities in nearly every state every day.
In the name of security and fraud prevention, these two prison communications companies have developed ways to store and analyze the trove of voices they’ve recorded. The companies create voice prints of people speaking on a prison’s phone lines. The companies claim that, through multi-modal audio mining, these voice prints can be matched to their databases of voices to identify individuals across phone calls and facilities. These systems are already in place throughout the country, including in Arkansas, Florida, and Texas.
These companies are already notorious for expanding the expense of prison communications beyond the prison to the support networks and families outside. These companies are now working on expanding biometric surveillance to the greater carceral community too. The companies use the technology to identify and profile anyone who has a voice that crosses into a prison. This includes all the parents, children, lovers, and friends of incarcerated people.
In a patent published in January 2021, Securus described collecting audio samples of individuals’ voices both at the moment of intake and while inmates are communicating with people on the outside. Facilities often acquire voice samples by threatening a loss of privileges should an inmate refuse to bow to the surveillance state.
“Here’s another part of myself that I had to give away again in this prison system,” one inmate recalled in a 2019 article by The Intercept after he was told that failing to help train the system to recognize his voice would result in a loss of his ability to use the phone. As with other efforts to mass collect biometric and personal information, what happens to the data once it’s been collected and stored, including with whom it’s shared and who has access, is still an open question.
Securus and GTL have other ideas in the works for possible uses, particularly as these voiceprints can be connected to other databases and people, both in and out of prison.
Securus would like to see automated background checks based on their voice recognition technology. “[D]etainees with criminal records may be released at the end of a short term stay in a holding tank or may be bonded out without being detected," says Securus.
In another patent, GTL claims that it will be able to use voiceprint verification to identify “unauthorized” callers based on whether a second voice on one end of the phone line differs from an initial, authorized voice. So, if a prisoner’s girlfriend rings in and passes the phone to a child whose voiceprint weren’t vetted and approved, the phone system can boot the callers from the call altogether.
Both companies would like to be able to map networks of individuals calling inmates, generating profiles of those who call multiple inmates or who stay in contact with their fellow prisoners once released.
Global Tel*Link has branded its version as Voice IQ. Securus’s own Investigator Pro claims that “You’ve Never Seen Voice Biometrics Like This.”
With these new patents and initiatives, Securus and Global Tel*Link seek to identify, and almost certainly misidentify, more inmates and their families than ever before, forging new frontiers in the ways America’s prison complex can scrutinize the vulnerable.
An earlier version of this article incorrectly identified the owner of a patent claiming the ability to identify "unauthorized callers" via voice print verification as Securus, rather than GTL.
すべて読む | セキュリティセクション | セキュリティ | マイクロソフト | バグ | インターネット |
関連ストーリー:
KADOKAWAの小説投稿サイト「カクヨム」を模倣したフィッシングサイト 2021年09月07日
米国土安全保障省、ランサムウェア攻撃からセンシティブ情報と個人情報を守るためのファクトシートを公開 2021年08月23日
埼玉県警がサイバー攻撃の手口をピクトグラムで表現 2021年08月12日
昨年 7 月の Twitter アカウント大規模侵害事件、新たな逮捕者が出る 2021年07月25日
宅配業者を装ったSMS詐欺が増加。Apple IDとパスワードを取られると対処が困難 2021年06月30日
メルぺイが一部加盟店で利用制限へ。フィッシングメール急増のため 2021年06月09日
ドコモ、フィッシング詐欺対策として「ドコモメール公式アカウント」提供へ 2021年05月27日
聖火リレー動画配信サイトを装うフィッシング詐欺が増加。地方自治体などが注意喚起 2021年05月13日
すべて読む | セキュリティセクション | セキュリティ | マイクロソフト | バグ | インターネット |
関連ストーリー:
KADOKAWAの小説投稿サイト「カクヨム」を模倣したフィッシングサイト 2021年09月07日
米国土安全保障省、ランサムウェア攻撃からセンシティブ情報と個人情報を守るためのファクトシートを公開 2021年08月23日
埼玉県警がサイバー攻撃の手口をピクトグラムで表現 2021年08月12日
昨年 7 月の Twitter アカウント大規模侵害事件、新たな逮捕者が出る 2021年07月25日
宅配業者を装ったSMS詐欺が増加。Apple IDとパスワードを取られると対処が困難 2021年06月30日
メルぺイが一部加盟店で利用制限へ。フィッシングメール急増のため 2021年06月09日
ドコモ、フィッシング詐欺対策として「ドコモメール公式アカウント」提供へ 2021年05月27日
聖火リレー動画配信サイトを装うフィッシング詐欺が増加。地方自治体などが注意喚起 2021年05月13日
すべて読む | ITセクション | ビジネス | Facebook | お金 |
関連ストーリー:
デバイス上で児童性的虐待コンテンツをスキャンするAppleの計画に反対する公開書状、7,000人以上が署名 2021年08月13日
Microsoft365の生産性スコア機能、批判を受け個人監視に関する機能を削除へ 2020年12月03日
中国のネット検閲現場、検閲対象の広がりと共に検閲作業員の需要も増大 2020年05月28日
Facebook、コンテンツに関する判断を行うための監督委員会創設を検討 2019年07月11日
「正社員の解雇が容易になればIT業界の問題は大概片付く」のか 2015年01月06日
空気不要のタイヤ、ブリヂストン開発 2011年12月02日
すべて読む | ITセクション | 日本 | アップグレード | ソフトウェア | ニュース | 政治 | バグ |
関連ストーリー:
みずほ銀行で今年7度目の障害 2021年09月08日
みずほリサーチ&テクノロジーズ、受託先のシステム文書消失が判明 2021年09月07日
みずほグループのシステム障害多発、担当者6割削減が一因か 2021年09月04日
伊万里市ホームページがGoogle八分に。外部からの助言で10日目に復帰するも…… 2021年09月01日
みずほ銀と同信託銀の窓口で大規模システム障害。窓口取引ができず 2021年08月20日
東京の大規模接種センター、26日にシステムに通信障害が発生などのトラブル続く 2021年05月27日
総務省ら、通信量対策のためオンラインイベント情報を事前共有する仕組み構築へ 2021年04月13日
すべて読む | ITセクション | テクノロジー | アップグレード | 医療 | IT | 政府 | Digital |
関連ストーリー:
接触確認アプリCOCOAから得た教訓。政府CIO補佐官 2021年06月12日
行政の公共調達システムが「アジャイル開発」阻むとする指摘。日経新聞 2021年05月12日
GMS非対応のHuawei製スマホにCOCOAは対応するべきか? 2021年04月28日
Android版COCOA、1日1回再起動が必要な不具合を修正。アップデート適用後に一度再起動を 2021年04月22日
厚労省、接触通知アプリCOCOAの業務体制を見直した結果、委託先を1社増加へ 2021年04月08日
接触追跡アプリCOCOA、APIへの対応がバージョン1に留まる。運用委託先は新年度から変更へ 2021年03月18日
接触確認アプリCOCOA、地域ごとの日付フォーマットの違いで利用日数が狂う新たな不具合 2021年03月15日
