06 November 2006

The 2006 CECI Award

Ladies and Gentlemen, follow the red carpet for a very special treat: the presentation of the first annual CECI Award for clear thinking about security, privacy, identity, and risk.

The nomination and selection process is, like that for the Nobel prizes, mysterious - so don't ask. Nominees who fall short are not humiliated by having their unsuccessful candidacies announced and discussed.

The award is simply bestowed, here, by me, in a suitably magisterial fashion, with appropriate fanfare, pomp, and circumstance (and a little gold picture of Magritte's notapipe).

The 2006 CECI Award goes to David Murakami Wood and a large cast of co-authors, expert contributors, and reviewers for the publication of "A Report on the Surveillance Society". This report was prepared for the Information Commissioner of the United Kingdom. It is, in the opinion of the CECI Award selection committee (me), the best government report of the Millennium to date, and it sets a standard which is unlikely to be excelled often in the remaining 994 years.

The report's scope is breathtaking, but its focus is intense. Its language is clear, direct, and even elegant. Its importance cannot be overstated. To select a representative quote seems almost a disfigurement; the thing should be taken as a whole. Still, as an advertisement for what you absolutely must read - and I am in no way kidding or exaggerating here - I offer you the very first paragraph:

"We live in a surveillance society. It is pointless to talk about surveillance society in the future tense. In all the rich countries of the world everyday life is suffused with surveillance encounters, not merely from dawn to dusk but 24/7. Some encounters obtrude into the routine, like when we get a ticket for running a red light when no one was around but the camera. But the majority are now just part of the fabric of daily life. Unremarkable."

I will have a lot to say on topics this report addresses in the coming months, but I am not likely to improve on any topic it addresses directly. I invite you to read it. Your children's lives will be profoundly affected by how well you understand the issues it raises, and by what you choose to do based on your understanding.

Congratulations to the recipients. An acceptance speech in the comments is not required, but would be most welcome.

03 November 2006

In the Crosshairs

Ars Technica has just published this story about a system you'll want to check out. You'll want to, but you won't really be able to.

The system is designed to collect large amounts of personally identifiable information about every person entering or leaving the United States for the purpose of assigning each individual a "risk assessment" rating. It will be implemented and operated by US Customs and Border Protection, a unit of the Department of Homeland Security.

If you travel a lot, the system will pretty quickly contain your name, address, telephone number, email address, frequent-flyer numbers, travel itineraries, and other information. It would surprise me if it didn't eventually include some credit card information.

The most surreal aspect of the system is its name: THE AUTOMATED TARGETING SYSTEM. Whoever approved that moniker obviously doesn't work in public relations. But in fact Customs and Border Protection clearly isn't too concerned with public relations. While your AUTOMATED TARGETING SYSTEM record can be accessed by courts, government officials at all levels including international, law enforcement, congressional offices, contractors, researchers, the Department of Justice, the National Archives, and intelligence agencies, it's not subject to the protections of the United States Privacy Act, and you can't access it yourself for purposes of reviewing the record's accuracy and correcting errors.

If you're worried about the privacy implications of this, well, you'll probably have lots of company. But don't let your privacy worries distract you so much that you don't worry about another important problem: the accuracy of the "risk assessment" which will be performed using your data.

Since the risk assessment criteria haven't been published, it's not easy to analyze any weaknesses that might exist. But it's not hard to predict that these weaknesses will be profound. Here's a fairly simple question I'd ask if I were assessing the system:

What risk rating would the system have assigned to Timothy McVeigh? Mohammed Atta? Omar Abdel Rahman? Brandon Mayfield? Hugo Chavez? Pope Benedict XVI? Aldrich Ames? John Walker Lindh?

I'm also interested to know whether a "high" risk rating will be considered sufficient justification for initiating an investigation of a US citizen or resident alien, and if so, what due process will be granted to the individual who is investigated.

This type of system (a large-scale system constructed in secret to solve a poorly understood but highly politically sensitive problem) has always resulted in failures, cost overruns, and injustices in the past. There's no reason to predict that THE AUTOMATED TARGETING SYSTEM will be the exception to the rule.