Tag Archives: Privacy

More Facebook, but actually Internet privacy

Boy, this week is all Facebook all the time. Weird, considering I don’t use it.

So a couple of days ago I made a post about why I’m not on Facebook, at least at this particular time in my life, but I know many others are and that’s ok. For those of you who are, have you ever worried that someone might be spying on you while you connect? It seems like a strange thing to wonder about considering the whole purpose is to be visible, but in other parts of the world, sharing photos or other information on sites like that can result in serious consequences.

So in a somewhat surprising move, Facebook has created a version of their site that can only be accessed using TOR software. Let me give you some background:

TOR is (was) an acronym for “The Onion Router” (which is why the technically correct way of writing it is TOR, not Tor, although Tor is now the catchall term for it). What it does is bounce your connection to a site through a trusted series of secure points before you head out on to the Internet proper through an exit node, where you exit form the Tor network tot he Internet itself, all of which makes it very difficult to trace your origins or determine the true destination of what you’re doing on line. So if someone wants to monitor your network connections to try and determine where you’re going or what the origin of a particular transmission is, TOR would make that very difficult.

The FBI’s facial recognition system comes online

Privacy and security come up a lot with technology, and if you’re the suspicious type, something may seem awfully suspicious about this. The FBI has announced “Full Operational Capability” of it’s Next Generation Identification (NGI) system, which has been in development for three years and serves as an umbrella biometric identification system that will incorporate facial recognition and fingerprint identification capabilities along with things like voice prints sand other abilities.

For the fingerprint aspect of the system, NGI will be replacing the bureau’s current Integrated Automated Fingerprint identification System (IAFIS), which no one seems to mind. It’s the new facial recognition capabilities that have people riled up.

This new facial recognition component, the Interstate Photo System, is intended to treat faces like fingerprints; using automated software to scan photos of people and match the face in a photograph to a face already in the database. In other words, just like with fingerprints, if law enforcement has a photo of someone, they can compare it to the images in their database of faces, and the system will return 50 likely candidates. The database is expected to have over 50 million faces by next year.

Many states are already participating in the program, as can be seen in the map below. MOU, in the legend, means ‘Memorandum of Understanding,’ which is simply an agreement on an ideal between two parties, it indicates they are on the same page about something.

States participating in NGI

States participating in NGI

It has been decried, of course, by many groups including the main anti-monitoring group the Electronic Frontier Foundation, which is often at odds with government at all levels for their surveillance and monitoring practices. The big issue is the possibility of false positives, or accuracy in general, which is the main issue the EFF takes. From reports, of the 50 faces returned, there is an 80 percent probability that the actual matching face will be returned in the results. However, the system has already had success and I suspect will continue to expand rapidly in practice.

This is a sensitive subject, so let me make a couple of comments: First, as we have already said on this site, privacy and security are mutually exclusive. If you want one, you give up some of the other. You can’t have complete privacy and complete security. In this day and age, with what is happening in the world, the balance of one versus the other is a seemingly impossible judgement.

Also, Facebook and Apple have been using facial recognition for years and no one seemed to mind. In fact, here in Las Vegas s have been using it for YEARS for essentially – but not quite – the same purpose the FBI now claims and we’ve been ok with it. Priorities, I suppose.

You can see an unclassified PowerPoint presentation about the system that has a few additional details at this link.

Federal websites don’t screw around

This won’t be a very long post, I just wanted to show all of you that the federal government wants to be very clear in your expectations of privacy when using their websites. It also fits perfectly with the discussion of security and privacy we’ll be having tomorrow (or today, depending on when you see this). I was recently using the IRS.gov site when I was presented with this window:

Screenshot (185)It almost sounds scary, but to be fair it’s no secret this happens. It happens on most websites, actually, government or not. Their wording sounds Orwellian and apocalyptic, but it’s par for the course when conducting business online. I actually don’t have a problem with it, you can’t have 100% privacy and also have 100% security, you have to make sacrifices in one to have any amount of the other. Even so, the wording is so forceful it gave me pause. Maybe I should have used my real name instead of the pseudonym “Gleeson McNasty.”

Going Up