Hearing on privacy in wireless networks

Privacy & security in a wireless world

Wireless Silicon Valley is a project of Joint Venture Silicon Valley. JVSC has been promoting ICT infrastructure projects since the mid-90's when it sponsored "Smart Valley" loosely based on Singapore's Intelligent Island but without the intense government involvement. This morning's program is cosponsored by the Santa Clara University Markkula Center for Applied Ethics and the Center for Science, Technology, and Society.

Several towns in the Silicon Valley cloud now offer Internet access via a wireless network installed by a commercial partner. Some are ad-supported such as Google's in Mountain View or the one in Santa Clara, where this workshop is being held.  However, it does not work inside the theater on the Santa Clara University campus. Connection strength varies as you drive around town, but registration is fairly simple, though a first time Internet user would have problems because they demand an email address. What if you want to get online to get one?

This meeting brings speakers from law enforcement, library, corporate, and the ACLU which has long been an advocate for stronger privacy protection. It is timely because recent articles this past week have pointed up the weakness of popular unlicensed networks such as wi-fi hotspots. Commonly available software called packet sniffers allows snoops to capture data flowing across such open networks.

At the opening I counted 65 in the  audience (14 women) while Russell Hancock, CEO JVSV mad some opening remarks including

  "We are frustrated that the technologies we have developed are still not implemented here compared with other geographic areas." There is a wireless task force comprised of CIOs from cities in the region. They issued an RFP with help from Intel and the 'community of vendors' replied. One will be recommended with a press release by September 5.

Context: when you build something new there are issues, and large ubiquitous wireless systems include privacy and security concerns.  In this network operators will know when and where a connection is made. Some of these systems are supported by advertisements, and they want to know a lot about who is using the system.

Al Hammond. a law professor and head of the Broadband Institute moderated the session. He summarized why there is uneven access to high speed access. He says that without BB, "cities will be left behind."  Cities that are reluctant to use taxes to provide this network will allow commercial providers to have access to subscriber data. <Well, cities and other regions are "left behind" for other reasons besides not having a high speed infrastructure for telecommunications.>

Wireless: easier to tap into and there are greater risks to individual privacy: and general security issues for companies and government. Different policy options:

-free and anonymous access. Leave it to the user

-Registered access: know at all times who is using the system

-Active court ordered surveillance: warrants and subpoenas used to restrain govt. intervention.

Policy question for the task force:

-How should this project manage these issues?

How much of the response. to protect privacy and sec should be for cities or providers or the user?

Once allocated, how should the protection of privacy and security be accomplished?

An agenda and some short position papers were handed out. These will be on the project web site shortly, according to Seth Feary who leads the task force.

Nicole Ozer, ACLU:   nozer@aclunc.org  one of 3 lawyers tracking new tech for the ACLU. Community members should not have to pay with their privacy to use a free municipal system. Wireless SV did not include a question about privacy and free speech but did say it would count a lot in the final decision. <the head of the task force said it was discussed already>  All three finalists get a failing grade.  they track who you are, where you are, and what you are looking at. All of it could be disposed to other parties.  It's as if you had free phones around town, but there would be ads and all calls would be monitored.  The California Constitution guarantees privacy and it can't be bought sold or traded. These finalists say that if you have money  you can have some privacy. It's up to WSV to have a fast, secure network that protects our privacy.

Don't track users from session to session. This creates a profile in a database.  All three have a failing grade for this.   Our data should not be commercialized.

Legal demands: notice should be given, with court.

The less info kept the better.

Sherman Hall, former IT guy now with the Atherton Police Department.  The competing pressures: privacy vs security. anonymity vs. tracking: He is assigned to REACT (a law enforcement TF) and computer forensics. Generally savvy and supporter of the status quo, as it exists today.   With complete anonymity there is no deterrent.  Record retention: 90 days. He explained the lag time in a credit card theft, the red tape in a police dept. There will be more sniffing in this open network.   He said there is a barrier to getting warrants because of limited resources. Ozer challenged him on this, saying there were provisions for telephone warrants.

Graham Barnes, Covad NextWeb  They are not bidders in the project. We are caught in the middle. With the freedom comes an openness that includes some tradeoffs the user may not understand. Last month was the first time there are more broadband subscribers(200 Kb/sec or greater) than dialup in the U.S.   Two ways of producing revenue: tracking aggregate data. he claims single user data is not valuable to anyone. But he mentions targeted advertising, a la Google.

Lauren Gelman, Stanford Internet Center.  said there's another model to let the market figure out who puts repeaters on the city phone poles.  It need not be a monopoly. She seemed to agree with much of what Ozer said.

John Tuomy, Secure Content, Inc.  Working with school boards on IT security issues. The federal government is not funding ed tech any more. Most superintendents feel like they can't handle any more complexities. School officials are risk averse and they want to protect their kids and data about families. There are more that 1000 schools in many districts for this project. There are great benefits and risks.  Equal access to families  will be useful to those who can't or won't afford it.

SANS institute said that last week was the greatest week for break-ins. Most take place in school and university computer networks. Dangers of porn and My Space. but the universal access will be valuable. This service should not be tied to a credit card. That's why prepaid cell phones are so important in the walled garden of cellular services. Educators don't want a wide-open system; they want to track 'evildoers.'

Jane Light San Jose Public Library.  We have 10 years experience in providing public access to the Internet.  We have about 1.2 million sessions a year on 600 computers. Some do not have access at home; some do. We have fast access and researchers use it along with other sources such as printed matter and site-licensed databases in the library.  More importantly is our many years of experience in providing free and open access and ensuring that it is free to people. Library users expect that their use won't be tracked. Our records are kept confidential unless there is a court order, but this is rare.

Many libraries have added wireless service to their wired networks. This JV program is a governmental action we are taking, so we have to give much more thought to privacy issues.  The standard enduser agreement is completely inadequate for a municipally sponsored project. It's too complicated.  the public expects that the muni access will protect their privacy. Wifi does not do much for those who have no computer. It's a short term issue because of the development of new generation cell phones.

 

Q&A

In other  muni systems these issues have not been addressed properly, especially San Francisco dealing with Google and Earthlink.

Can there be software to detect sniffers and other problem users? Google is going to provide a virtual private network client in Mountain View. this will allow users to encrypt their traffic. <But will they, any more than parents use filters or V-chip on television sets?>

Graham: "when people think they are using the I anonymously and they are not, that is the real challenge."

A big problem is that several vendors want to take a credit card to use the system. Of course this cuts out a lot of kids and people with poor credit or no card. Library card should not be  used as a universal identifier.  It's exempt from the public records act. A credit card is not fair. We could use a student ID.

Gelman said we might have a pre-paid card  for a small amount of time. She thinks this would 'address the digital divide issue"   but this seems ludicrous for what is billed as a free service at one tier. Why should people have to buy something that's free?

How do you audit compliance with the provisions in a service.   Hall: there's a civil incentive to conform to what they say they will do.  Ozer: the Calif article one section one, digital issues are handled.

The session ended promptly at 10 a.m.  In two hours there were a lot of positions stated clearly but little heated debate. As the task force negotiates with the finalists it is hard to understand how they can convince the provider not to "monetize" the user's information and adequately protect our privacy. Much of the public seems willing to give up some privacy and civil rights in a perceived exchange for coupons, free services, and to support the federal government's war on terror.  Think of it, the city of San Jose controls the airport and the library. The intrusions and safety measures we put up with at airports is getting worse and will spread to other parts of our daily life while the oasis of the library where the system is meant to serve and protect the user is not appreciated enough for the values it helps preserve.  -Steve Cisler

Zero One San Jose--final report

Zero One just ended this past weekend after seven days of meetings, concerts, exhibits, art happenings, lectures, and the symposium for the Inter-Society for Electronic Arts. One goal was to kickoff a biannual event in San Jose that might rival Linz, Austria's Ars Electronica in scope and attendance.

My only initial contact was my conversation with Joel Slayton, one of the primary organizers, and that was mainly about the satellite event, the Pacific Rim New Media Summit. San Jose has recovered somewhat from the bursting of the Internet  and dot-com bubble over five years ago. This is due to Google, Homeland Security money, and investments in bio-tech. However, events such as these depend on donations and in-kind assistance more than ticket sales and registration fees. The city of San Jose had subsidized an event the week before, an auto race on city streets, and coming up is a jazz festival. How they will evaluate their investment in Zero One will have a bearing on the future of the festival.

As an outsider who is interested in both computers and the arts I was excited about the range of activities and the artists whose works I would see and interact with. The ISEA2006 presentations and discussions took place next to the Tech Museum in two wonderful rooms (though one was cold enough to store cheese or age wine indefinitely) where the chairs were comfortable business chairs on rollers and many low tables, allowing the audience to reconfigure the arrangement easily. Power squids (power strips with tentacle-outlets) dropped from the ceiling so that laptop users did not need to hover on the edges of the huge room. Wireless connections were free and fast for a public setting, though at one point a denial-of-service attack brought down the network. I wondered if Ricardo Dominguez' 'electronic disturbance theater' algorithms had been turned on the art crowd instead of sites he opposed. Blowback? Probably not.

The other colder room had wonderful leather arm chairs for most everyone, but we were separated from the museum by a sliding wall. On Friday just after Mare Tralla (UK, Estonia) was talking about youth events in the Soviet Union where it was hard to control 20-30,000 kids singing patriotic songs, a school group entered the museum and began talking excitedly about the exhibits, reinforcing Tralla's comments.  It's no surprise that the unplanned encounters during the event or in the halls provided many of us with the memorable moments. After Tralla spoke a group of us from Arizona, Peru, Pakistan, Estonia (and me) talked about the presentations and shared stories.

The first keynote on Wednesday was another high point for me. Lu Jie is a  Chinese artist, curator, and culture worker who directs an ongoing project called The Long March: A walking visual display. It is a very complex project that compels individual artists from urban areas to work with artists and those who may not think they are in many different environments in rural China. Jie explained about a cultural survey his group did in one province where paper cutting is a traditional art form-- 20% of the 180,000 inhabitants do it. Jie said he is independent of the government though they are probably keeping an eye on the project. It has certainly reached audiences at festivals and art events throughout Asia, America, and Europe. I was impressed by his reflective responses to many complex questions from the audience, even though he has probably been asked them numerous times.  I had a feeling that his work would give a fuller and more complex picture of what is going on in China than the just endless raptures about the building frenzy and economic activity in Shanghai and many other cities.

If the talk on stage was boring (or even if it was not) laptop owners could do email or amuse themselves to death on boingboing. A few institutions discourage this and now ask for the audience's full attention. In the main hall scribes were writing about the session in real time (unlike this after-the-fact report) and anyone could make comments. New Zealand media artists seem to have kept a number of web logs about the festival. Over the four day there were some very interesting presentations, but some people just read papers and other visual artists had some of the worst graphics: too many words on a slide, small fonts, white text on a mottled background. Except for the keynotes and conversations, the stage was high and removed from the audience which was usually small enough that it could have been more intimate. The other room had the speakers at the same level, and the audience and the speakers seemed somewhat more engaged. However, there were plenty of places for important casual contact.

The exhibits were spread around town: at City Hall where Shu Lea Chang (Taiwan) installed "Babylove: drive me drive me crazy" a set of giant teacup vehicles that we could pilot around the floor of the hall. The baby played MP3 music as we cruised and bumped into other teacups.
- the art museum plaza provided a space for several installations and visits by the ice cream trucks such as Karaoke Ice where kids lined up to receive frozen treats and then sing one of the songs on the playlist.  Three little kids singing "These boots were made for walkin'" was quite bizarre.

- container culture was meant to engage curators from around the world in a collaborative exercise. Each Pacific rim city would design a project making use of a standard shipping container, and install them in a group on the main plaza. However, they had to be placed inside South Hall at some distance from the plaza. In some ways the space inside the container was confining for some exhibits and excessive for others. I had thought the containers would be set up in Vancouver, Singapore, etc. and shipped to San Jose, but that was too expensive. The contents were transported. For example, moving a container from Singapore to the port of Oakland and then by truck to San Jose (about 100 Km/60 mi) with a crane to offload: cost $30,000.   Steve Dietz the coordinator of this project --and one of the main event planners--explained some of the challenges at the Pacific Rim New Media Summit. I thought the next iteration might be suitcase culture or make use of the air cargo pods which we rarely see on the street or being transported by truck. Maybe hand luggage culture or even wallet culture. Scalable concept.

South Hall is a sort of giant inflatable structure to supplement the more permanent San Jose Convention Center. Many of the juried installations were set up there. Some were whimsical and others were involved and sometimes difficult to understand.  I rode a bicycle where a rear-mounted speaker produced laughter which increased as you pedaled faster. It was great fun producing such great art. Fete mobile, a Canadian project from Quebec, is a robotic blimp with a camera and wireless transmission to a ground unit on a bike. The wind was too strong to launch the times I visited.

Playas: Homeland Mirage: An interactive video installation focused on an abandoned mining town in New Mexico which the Dept. of Homeland Security leased for anti-terrorist training. The participants appeared on the projection screen as faint wraiths overlaying the action which consisted of first person shooter navigating through rendered versions of actual buildings, and inside each house there was live video of home movies of mundane suburban life: kids playing, a barbecue. The more active the shooter was, the more distorted the whole screen became. The program spawned enemies and friends as you played. If you have a fast Mac/PC you can download the game (~340 MB).

There were dozens of other installations, all described in the newspaper supplement published by the Metro, a local freebie weekly. Looking back at the program for this report, I realize how much I missed.

At the San Jose Museum of Art one of the most impressive exhibits was Jennifer Steinkamp's extraordinary liquid displays of flowers, trees, waves, and geometric patterns. I recommend the QuickTime videos on her site, and the longest, steinkam_reel.mov includes "Dervish" a 2004 installation at Lehman Maupin in NYC. If her work is in your town, go see it.

There were many free events after 1 p.m. and in the evening.  SpecFlic 2.0 was a program of live video displayed on a video wall outside the library and a call-in program with a future Infospherian--a librarian in 2030. While it was meant to comment on the future of books (quaint, rarely viewed, limited in capability) and an oppressive intellectual property regime as well as lending cards only available after an eye scan, it came off as rather negative, especially for those who don't think the library of the present is all that exciting or relevant. It was held at San Jose Public Library in the joint university/public building. The infospherian with silver face paint, bright red lips, and a wig, lectured about 21st century artifacts and took questions from the audience.  Usually she would go into a trance and begin jabbering in what one person called a 'scream of consciousness' about the topic.  It was funny  up to a point but very dystopian. Perhaps it was meant as a warning, but as a librarian I thought it was way too pessimistic. Libraries will remain oases of access and choice. I left after 40 minutes, but there were other facets to this program. Unfortunately the people with the programs were sitting far away from the crowds watching the show. Finding them was much like finding a book without a catalog.

Probably the best attendance was at the Friday night show put on by Survival Research Labs. When their shows are not authorized, they do some outrageous things--at least from what I have seen on video. This one was carefully scripted and approved by the fire department (on call at the street). Ear plugs were provided. The crowd was excited as the Tesla coil began crackling and throwing bolts before 11 p.m., but for most of the hour-long program all 2000 of us were quite silent. I enjoyed it, but there was less energy than at similar displays of destruction, noise, and fire at Burning Man 1999. It was worth $20, and given the small space they worked in, I think it was a success by San Jose standards.

The high cost to realize an interesting concept like an international art festival will count when the organizers plan for the 2008 version. The budget was $2,000,000, two-thirds of which was corporate and foundation money. Nobody can count the value of the many volunteers. There were many categories of donors with top billing going to the city of San Jose, Adobe, Cisco, and San Jose State University. There were some VIP affairs for the donors, and many of the speeches opened with tributes to them. My own organizing needs were modest, and I raised a mere $1000 from the Center for Science Technology & Society at Santa Clara University, to supplement the same amount from the festival in order cover some expenses of participants from Peru and Canada. I could have brought others had I raised more money. The organizers said it was impossible to get an accurate number of attendees, but 50,000 is a rough estimate. In 2008 when ISEA meets elsewhere, there won't be the core of artists and participants who were present during most of the festival. This may be the main challenge to the organizers.

One attendee was less enthusiastic. On August 15 the San Jose Mercury News published a letter from Mark Almassy of Santa Clara:

"I was at the ZeroOne Festival on Friday and Saturday The lack of attendance was at first disheartening, but as I wandered the event longer, I realized there was nothing to see. People came downtown expecting exciting pieces of cutting-edge electronic art, but were instead shown piece after piece of confusing (and often uninteresting) concepts related to computers. I am a young, avid computer user and frequenter of art museums, but I found nothing of interest to me. Nobody knew what or where the hot events were, if there were any. The idea of the festival was a nice thought, but the execution was poor."

I was glad to play a very small part in this festival, and I'd help out again, if they are able to engage the same groups and new ones to help make the 2008 event more accessible to the public.

Zero One San Jose

ZeroOne San Jose

ZeroOne San Jose is a swirling constellation of events that included several self-styled summits, a variety of public art, performances, lectures, and exhibitions associated with the 13th biannual meeting of ISEA, Inter-Society for the Electronic Arts. It began August 4 and ends August 13.

As an outsider I became involved in 2005 after talking with Joel Slayton, the Chair for ZeroOne and the ISEA2006 Symposium. He was planning one of the satellite events, the Pacific Rim New Media Summit, and I agreed to pull together a working group on "piracy in the Pacific" to look at trends, conflicts, and issues related to intellectual property (IP), piracy, sharing, and appropriation. (poster at left)

Gordon Knox, the director at Montalvo Arts Center convened a summit on intellectual property at the center a few miles from San Jose, and invited me to participate August 4th and 5th. Other participants included a film maker, an administrator from Arts Council England, several anthropologists, an industrial designer, two lawyers,  a journal editor and scientist, and a media researcher. The artists were busy preparing for ISEA and did not attend.  The discussions revolved around the best way for an artist to collaborate and work inside a research lab or high tech company environment for a limited period of time. Knox wanted to establish a 'safe place' in terms of IP where the artist would feel free to experiment. James Leach, an anthropologist from Cambridge felt strongly that existing IP regimes were based on narrow views of ownership and collaboration and that we should be looking at other kinds of relationships. The lawyers explained how the laws for IP had expanded, and many felt this inhibited activities and the spread of knowledge. On Monday the group met at Santa Clara University where the movie on piracy was shown, and there was a public forum.

This conflicted with the Pacific Rim New Media Summit which was held at King Library, the unique joint university-public library in downtown San Jose. Slayton's staff and students provided good logistical support before and during the meeting which occupied two full days of presentations and discussions. The summit was meant to encourage international cooperation and collaboration in a number of areas. The working groups included these topics:
-Distributed curatorial
-Education
-Urbanity and mobile media
-Place, ground, and practice
-Latin America-Pacific/Asia New Media Initiatives
-Residencies and symposia
-Piracy and the Pacific
-Invisible dynamics of the Pacific rim & bay area

Leading up to the summit there was an online forum which was never used by more than a few of the many members. Each working group was somewhat fluid, and the chair changed in a couple, and many members did not attend for different reasons: other commitments, lack of money, or visa problems. At ISEA Trebor Scholz whose institute focuses on "cooperation studies", gave a paper about social networks and why people take part online. Though he was part of a working group in our summit he did not attend. 

Danny Butt (Place, Ground, and practice) was the chair and only attendee from his group, and though he claimed he had failed, he presented a good summary of their activities leading up to the summit, including a significant and intimate gathering in New Zealand which could not be duplicated in this venue. (photo: Danny at the podium)

One chair thought he was coming to work together for two days mainly with his group, and like me, he met them for the first time shortly before they were due to present. My own group did not work that much together before, but they all helped me a great deal as I was preparing a short video "Piracy in the Pacific" for a DVD project Leonardo had hoped to publish. Once we met the afternoon before the presentation we were able to find some common disagreements to discuss during the summit.  Piracy and copyright is very, very contentious, and I assembled a CD-ROM of videos, rants, white papers, books, and proceedings that covered a spectrum of views from anarchist to Hollywood and law enforcement. We handed this out to everyone present (about 45).

The organizers suggested we might want to have statements to take to ISEA, or perhaps a manifesto, but this did not seem to happen. I think there were some good connections made, and some working groups planned to carry on with other projects. I  wondered what the summit would have been if it were the main focus in San Jose rather than the much larger ISEA meetings and exhibitions.

The always reclusive and secretive Raqs  Media Collective flew in  from an undisclosed location and arrived on the second day in order to comment and provoke us with interesting questions which needed a third day for discussion. They used metaphors of sea voyage, dead reckoning, and maritime language. A rare photo is at the left, but their faces are pixellated in order to protect their valued anonymity. They were last seen a couple of days later entering a black stretch limo outside the exhibit hall.

Next: ISEA 2006