WAP (We're All Paranoid)

We're All Paranoid (WAP)
Personal Privacy Under Attack

Wireless Application Protocol (WAP), the technology that allows
internet and email access through the mobile phone networks, offers
enormous economic potential and some of the finest minds around are
working on monetising it. It could also form a significant new tool in
the continuing erosion of personal privacy. Privacy has long been seen
in Europe and the US as a right rather than a privilege. Sadly, this
right has been heavily abused in recent decades.

Phone Taps, Cameras and ID Cards
One technology-created privacy issue that spans the decades is phone
tapping. 'Spycatcher', the book the UK government tried so hard to ban,
talks at length about the long-term, systematic and automatic tapping
of domestic phone conversations by government agencies starting in the
1960's. Even in recent months there has been a row between the British
and Irish governments when it was revealed that MI6 (Military
'Intelligence') have been tapping phones belonging to Irish ministers
and senior civil servants throughout the years of Ulster peace
negotiations. The Irish are understandably upset.

The advent of video enabled CCTV cameras to be installed, initially in
high-security government and military installations and, as the costs
fell, in more and more diverse sites. Remember the days when video
surveillance cameras were mainly evident in banks, building societies
and department stores? Now there's barely a square metre in any town
centre where you are off-camera. And if you're heading out of town,
there are cameras on most major routes and many railway stations,
too.

More recently still, digital photography has opened up the possibility
of storing millions of images on a single server. The government has
been trying to get personal photo ID cards introduced in the UK for
some time, partly as a means of collecting portrait images of every
individual in the country. They argue that it will bring the country in
line with EU neighbours, that it will make the management of nearly 60
million people easier, and that it will reduce paperwork and costs
within the current bureaucracy.

Those against ID cards cite incidents from abroad, both mainland Europe
and some of the more heavy-handed regimes around the world, and the
scope for abuse is massive. A magnetic strip or an on-card chip can
hold all sorts of private data such as salary, bank details and medical
records yet the cardholder cannot read it, and therefore cannot check
or monitor the contents. There is also a clear tendency for an ID card
to be required, over time, in more and more transactions, until it is
virtually impossible to do anything without one. Once they are required
for most transactions, they can then be used for retrospectively
tracking the movements of an individual. For more on this, check out
the Privacy International website at
www.privacy.org/pi/issues/idcard/index.html

The debate has died down for now. But in the meantime, alternatives to
ID cards are being introduced in a disguised form. From October 1999,
all new passports issued in the UK utilise a digital photograph in
place of the standard passport picture. Overtly, this is to enhance
passport security, which is a fair argument. However, one implication
of this is that by 2009, the UK government will own a database holding
around 40 million portrait images. Driving licenses are now being
offered for the first time with a photograph of the holder, where the
same scenario applies.

There are no compulsory ID cards in the UK but if you want to travel,
or you want to drive, then guess what? You're image will be captured
along with your personal details, and that is some way along the ID
track. So why should you be concerned about having a digital rendering
of your delightful features held in a government database? Three words
- Image Recognition Software. Imagine a scenario where a person is
filmed in Central London acting 'suspiciously'. In order to find him,
the police freeze the tape at the best moment for a full facial shot,
have the image recognition software locate matches in the portrait
database, and the 'suspect' is identified immediately. Great news from
a crime control perspective, but ask yourself - do you want all your
movements and actions open to scrutiny at all times without your
knowledge? Is that too high a price to pay for safer streets?

It Gets Worse...
As we continue to bring the picture up to date, it begins to look
seriously grim for personal privacy. Internet activity has long been
monitored in some companies (sometimes down to a keystroke level of
detail), but remote activity monitoring is becoming an important tool,
too, used by the likes of AllAdvantage.com for gathering aggregated
user behaviour information for marketing purposes. And information that
can be aggregated can equally be broken out into individual records.
Both DoubleClick and Yahoo! Have been accused in American courts of
just such practices. Digital television allows for similar,
keystroke-based monitoring of your viewing habits.

Web-enabled video surveillance cameras are already being used for
real-time remote monitoring.

Email tapping is an on-going concern, with the US initially banning
export of 128-bit encryption technology on the basis that it could be
misused by drug smugglers and money launderers to conceal data and
illicit email communications. More recently, bills have been discussed
in Congress allowing the government to tap electronic communications
more or less at will, whilst the FBI unveiled Carnivore, a programme
that can be plugged into an ISPs mail server to trawl through all
emails as they pass through, searching for specific names or
words.

Excalibur, the powerful semantic network search tool able to search
across multiple media, networks and databases, is having the direction
of its development driven by the intelligence communities of the world.
To give some idea on how key this has become, just one of the several
UK spy agencies using it has recently recorded 3,000 simultaneous hits
in normal operation.

WAP phones are now available in Europe and Asia, taking ever more
communication into the wireless format and potentially allowing for
even easier and more widespread invasions of privacy. Not only that,
the Global Positioning System (GPS) is being integrated, not only
telling you where you are and where you're going, but potentially
telling 'Them' that information, too. As WAP phones morph into WAP
devices, the potential for wireless hackers (freelance or
state-employed) to tap into stored data increases, as well as into
phone and email communication.

An Integrated Digital Future
Now look at how all this might pan out.
? Your portrait image is held in a central government database, culled
from your passport and/or driving license and accessible by all
government agencies.
? Linked to your image are the full range of personal information
including medical, police, tax, customs and social security records,
salary, bank and credit data, foreign travel details and stock trading
behaviour.
? Integrated video surveillance is implemented, using the existing
network of CCTV and speed cameras. This is enhanced by real-time video
monitoring over the web and geographical tracking of individuals via
WAP devices with GPS capability.
? Powerful image recognition software sits between the national image
database and the surveillance feeds, able to instantly identify anyone,
anywhere.
? Mega-search capabilities across all media and multiple databases,
enabled by Excalibur, allows for rapid profiling and extensive data
capture on any individual.
? All emails are scanned at the ISP level, and those containing terms
deemed suspicious, or between individuals 'of interest', are stored for
later examination.
? Government databases are linked to privately held databases to pull
in further data on shopping and spending habits, for example, or TV
viewing preferences.
? Your individual profile grows daily through data and surveillance
feeds, with the potential for your entire life to be accessible, with
very few gaps.

Three Scenarios
In conclusion, there are three ways in which the issues of privacy
could develop;
1. It's bleak. Privacy is effectively non-existent. All the above is
either happening or about to happen, plus many more initiatives as yet
unknown.
2. It's fine. Governments and big bureaucratic agencies are basically
cumbersome and incompetent. There is no chance of them ever getting
their act together to the extent described above. And even if the will
is there, there is a strong tendency for massively complex IT-based
projects to be scaled down or scrapped.
3. It's worrying. Things are not as grim as 1, not as disorganised as
2, and we need to remain constantly vigilant to protect remaining
privacy.

Regardless of the 'reality' of the situation, tech companies need to
think quite carefully about their role in the development and
dissemination of Web and WAP technology that has the potential, at
least, to completely erode personal privacy.