Category: Privacy

What happens to your internet security when your fingerprints are stolen?

There is recent news that the US government last 5.6 million fingerprints to unknown people in a cyber-attack. While it is worrisome, I don’t blame the government, it seems like it can happen to anyone.  For example, pretty much every store and business cannot keep our credit cards safe.  If we take it as a given that if something is stored on a network, eventually it will fall into the hands of people not authorized to have it, then it is OK to worry about the significant loss of data, and in this case, not credit card data, but rather fingerprint data.

We have been told that passwords are inherently unsafe because they can be hacked or stolen.  And because passwords are unsafe, we need a new “safe” method of authenticating to the network – and the “safest” way is through biometric data like fingerprints.  So this brings me to my question – at least a password can be changed at the sign of hacking.  Fingerprints cannot be changed.  What are we supposed to do when the “bad guys” get a copy of our fingerprints like has just happened for 5.6 million people?  It is something I am thinking about in the realm of public policy.  Please leave a comment if you have an idea.

Advertisement

Privacy and mobile facial recognition

I just finished teaching my class on “Current Issues in Privacy.” Northwestern students are incredibly smart and it is always a joy to work with them. Of course one of the big issues is privacy on Facebook, but I will save that one for later. Instead, I would like to talk about a technology that one of our groups discussed in their final project – mobile face recognition. It seems there is an app for Android phones (Recognizr) that lets to snap a picture of someone and have it pair up that picture through facial recognition software with publicly available contact information. It will probably be available for iPhones soon.

So when you go to a bar, you do not have to ask the cute girl or handsome man for their contact information – just snap a picture with your smartphone and it will give their phone number, street address, email address, etc. to you. Nevermind that they did not want to give you their number. Or nevermind they thought you were a jerk and would have given you a fake number. Nevermind consent of any sort, they can just take the picture of you from a range that you never even see them doing it. It is one thing in classic privacy theory to expose yourself in public and it is another that anyone with common technology can use database aggregation (which is what these lookups are called) in new and possibly scary ways. It is one thing for the police to be able to pull you over and verify the picture on your driver’s license. It is another for anyone on the street to be able to get this type of information. So I guess we just need to get over the idea of privacy.

Proposition 8, real-time streaming, and the US Supreme Court

When I heard that the US Supreme Court had ruled against real-time streaming of the Proposition 8 trial in California, my first reaction was “what are they thinking, this is a new century, shouldn’t we finally be able to see important cases on television and shouldn’t the people have access to the courts?  But I was so wrong in this case.  After I read the actual text of the case, a person like me who backs cameras in the courtroom in most cases, thinks that the USSC made the right decision.

By the way, in case you are not following the issue: Proposition 8 is the California provision that voted to overturn same-sex marriage in California.  Certainly a lot of people on both sides of the issue are interested in it, and I presume would be interested in watching the trial proceedings.

The US Supreme court case is  Hollingsworth v. Perry, 558 U.S. _____ (2010).

“Cameras in the courtroom” has always had the attention of the public, the news media, and the academic community for years.  Wouldn’t cameras in the courtroom create a more informed and engaged public? Wouldn’t there be greater learning about the judicial process? Wouldn’t it be nice if the press and the public had more opportunities to see when the judicial system does not function optimally? Although virtually all court proceedings are open to the public who want to attend in person, it is not easy to either attend nor discuss what happened and cameras in courts make both easier.

Many states permit cameras in the courtroom and the USSC does have audiotapes of its arguments available (the famous Oyez project at Northwesten University helps make those tapes available).  But federal courts have been resistant to cameras in the courtroom for trials.

Why? Perhaps the O.J. Simpson trial.  What could have been a breakthrough for cameras in the courtroom created a lot of concern within the legal community and among the public.  Every side and position can find something to be concerned about cameras in the courtroom after that trial.

So why do I think the USSC is correct in its ruling in Hollingsworth?  The subject matter has no sway in my opinion,  I am a reasonably liberal professor-type. But my concern, and the Court’s concern, goes mainly to the process.  The 9th Circuit and its trial court attempted to change its rule basically a the last minute (in December for a January trial, although discussions of televising this trial started a couple of months earlier) and without public comment.  If there is anything that even today in 2010 that is frought with issues and deserves due consideration, it is cameras in the courtroom. Instead, in this case the 9th Circuit and its trial court tried to rush through rules without what the Court found to be enough consideration.

In particular, I can see questions of when witnesses should not be televised (rape victims/witnesses?), or when entire trials should not be televised. Also, rules need to be established in the 9th circuit on lots of operational issues like what cameras can look at (juror’s faces?) and there is a whole host of other questions.  The USSC notes that in this case same-sex couples will be testifying, and that some parties have already received what appears to be threats of violence against them.   Both types of parties, among others might not want their testimony televised.  There needs to be a full procedure for considering those issues before the court moves into the arena of cameras in the trial courtroom.  And moments before a major case does not seem to be the right time.

No doubt that the 9th Circuit has been considering cameras in the courtroom for a long time.  But the record before the USSC gave them pause that this is not the moment.  Note that the majority opinion is written “per curium” but that the dissent is signed by four justices (Breyer, Stevens, Ginsberg, and Sotomayor).  That presumably makes this a 5-4 decision.  The Supreme Court could not be more split.

The federal courts need to get moving with permitting cameras in the trial courts.  They need to adopt their rules after public comment and the judges need to get experience with interpretation of the rules and how to best respond to requests of the parties for protection.  And the court staff needs to have practice on how to handle the real-time exigencies of broadcasting.  It is hard enough to know what to do when broadcasting a live awards show, and unlike cameras in the courtroom, no one will receive the death sentence after the show is over.  The stakes are high, but our judicial system and our democracy is the best in the world.  And cameras in the courtroom have the promise to make both stronger.

Dangerous communications

Communications dangers in 2010, a few resolutions for the new year

1) Getting to know someone: Everything from dating to social media sites present dangers to the participants.  Recently we have seen children commit suicide for what was said to them on social media sites and have seen too many episodes of Dateline to know that there are real dangers.

2) Letting someone find out about you: Sure, you thought that only your friends would see that picture of you drunk and get a laugh.  But when the hiring partner of your future firm does not get a laugh of your picture with the lampshade posted world-wide, you will need to re-evaluate what you let others know about your personal life.  Remember that the hiring partner has a personal life too, but they don’t put pictures available worldwide on the Internet….

3) Not guarding your numbers: Keep your SSN, bank numbers and other important numbers away from the bad folks.