The government can’t protect the information it’s collected

One big problem with the creeping surveillance state is that even if you trust the government to only use the information it’s collecting for noble purposes, you simply can’t keep information contained.

A few years back, Thomas ‘T.K.’ Kinsey was having a late, inebriated night in downtown Redlands, a far-flung suburb of Los Angeles. He started climbing a fountain, making the kind of bad decision a late-night carouser makes. Suddenly, he heard a voice coming from above telling him to stop. It wasn’t a good angel on his shoulder; it was a member of the police department speaking to him through a speaker in a city surveillance camera. Redlands has over 140 surveillance cameras around the 70,000-person town that have helped the police spot and stop drunk drivers, brawlers, vandals, and people illegally smoking in parks, according to a case study on the site of Leverage Information Systems, the company that provided the camera system. After his encounter being watched by the cameras, Kinsey, a security engineer, decided to gaze back at the system. He and Dustin Hoffman, his boss at IT firm Exigent Systems, discovered that the police were not the only ones who could peer through the eyes of the city’s cameras.

The cameras were deployed as a mesh network, with camera nodes popping up as “available wireless networks” dubbed with names that were far from stealth, such as “RPD – West End.” The cameras used a proprietary mesh protocol to communicate but were not password-protected. Hoffman and Kinsey said that the protocol was fairly easily reverse-engineered and that tapping into the network was then easy, requiring no specialized hardware, and allowing anyone to have a police-eye’s view of the town. “All you need is a little Linux knowledge and some $20 Wi-Fi hardware,” says Hoffman. He and Kinsey mapped what the cameras watched, including the entrance to an adult video store.

“It would have been trivial to have made all the feeds public and stream them online for anyone to watch,” Hoffman continued.

In India, someone in the government recently leaked CCTV video of a couple getting intimate at a train station. There have been numerous reports over the years of CCTV operators in Britain abusing the coutry’s vast network of surveillance cameras. Here in the U.S., Edward Snowden said last month that NSA officials were known to collect and trade explicit photos they find while casting drag nets over your electronic life. From license plate readers to cell phone tracking, state, local and federal governments can track and store data about your whereabouts and movement. The federal government and nearly every state government now has information on what medications you take. Depending on the state, that information could be accessible not only to law enforcement and medical personnel, but to insurance companies, regulatory agencies, and others. And that’s only who is allowed access under the law. We’ve seen numerous stories about police officers and other government officials abusing existing information databases to hit on women, keep tabs on former lovers, and for political purposes. And of course there’s also the persistent threat of the databases being hacked.

When we debate how much access to our lives to give to the government in order to, say, fight terrorism or prevent drug abuse, we need to keep in mind that the people who would be authorized to access that information, and the reasons for which they’d be authorized to access it will only be the baseline for how your information will be used. The longer it’s stored, the more likely someone who is unauthorized will be likely to access it, and the more likely it is to be used of unauthorized reasons.

Radley Balko blogs about criminal justice, the drug war and civil liberties for The Washington Post. He is the author of the book "Rise of the Warrior Cop: The Militarization of America's Police Forces."
Comments
Show Comments
Most Read
Next Story
Radley Balko · August 11