Why surveillance is even worse for your privacy than you thought: three cautionary tales

Posted on Nov 9, 2018 by Glyn Moody

Readers of this blog hardly need to be told that surveillance represents a grave threat to privacy. By its very nature, it seeks to know who we are and what we do, whether we wish that or not. But there is a secondary harm that surveillance brings – a collateral damage – as three recent and very different stories underline.

The first concerns the US consumer credit reporting agency, TransUnion, one of the “Big Three” in this field, along with Experian and Equifax. This is how it describes its key TLOxp database service:

TLOxp can search and locate virtually any individual, anywhere in the U.S., including U.S. territories such as Guam and Puerto Rico. The information you receive about individual subjects is rich and constantly updated, including:

360º profile – From basic information like names, phones, emails and address to detailed data on employment, aliases, assets, criminal history, bankruptcies and much more.

Its global offering is even more comprehensive. The company claims to have a consumer credit database of one billion consumers in over 30 countries, drawing on 90,000 data sources, including “financial institutions, private database and public records repositories”, providing over three billion updates per month. That degree of commercial surveillance is troubling enough, but an additional threat flows from unauthorized use of that data.

Forbes details the unlikely story of how a group of rappers apparently gained access to this information, and in multiple ways. For example, TransUnion told Forbes that four authorized customers of the company had their access to the database abused by “rogue employees”, who passed on information to the rappers:

Once they’d stolen citizens’ identities, the rappers went on spending sprees, according to the government. The DOJ said the scammers used fake IDs to purchase and resell iPhones and iPads. They leased luxury apartments and purchased expensive cars. In one case, two of the coconspirators took out a fraudulent loan of about $30,000 and used the funds to acquire a 2014 Mercedes-Benz

That’s a useful reminder that no matter how rigorous the digital security applied to stores of sensitive personal information, the weakest link in the chain is often analog: the people with permission to access those databases. The wider the customer base, the greater the risk that employees somewhere will be bribed or blackmailed to provide unauthorized entry.

The way the authorities were able to bring the rappers to justice offers a second tale of how the use of surveillance brings with it problems beyond the obvious ones of making it harder to preserve privacy. Observing the home of the group’s leader, the police noted that he had installed Google’s Nest surveillance cameras with views into and outside the apartment. Using this information:

In June last year, Postal Service investigator Berkland obtained a warrant ordering Google to hand over all the data related to those cameras. The company complied, shipping surveillance footage back, along with personal details of its owners. It’s the first known case in the United States in which a federal law enforcement agency has demanded information from a Nest provider, and it has obvious implications for anyone who has purchased a smart home appliance that contains a camera or a microphone.

Once again, the moral here is that carrying out surveillance creates personal data that is often stored, for whatever reason. If it is retained, use by criminals is not the only risk: the authorities may demand legal access in order to use that data as they wish, including against the person who caused it to be stored.

The final case underlines that point. It involves the German company Wolf Intelligence, which sells surveillance technologies to governments around the world. According to an article published on Motherboard, security researchers from CSIS Security discovered highly sensitive data on an unprotected command and control server and a public Google Drive folder:

The leak exposed 20 gigabytes of data, including recordings of meetings with customers, a scan of a passport belonging to the company’s founder, scans of the founder’s credit cards, and surveillance targets’ data, according to researchers.

Of particular note is the fact that data deriving from surveillance targets was allegedly exposed. Again, that shows that beyond the privacy-harming act of surveillance itself, there was collateral damage from leaving it online in an unsecured location. That this happened with a company operating in the world of security demonstrates that there are simply no guarantees that sensitive personal data will be protected well enough to prevent leaks. Nor is it an isolated case: Motherboard has just published details of further examples.

These three anecdotes have in common serious secondary damage that flowed from the data generated by surveillance of various kinds. Their details are not important, but the lesson they teach is. We can predict – with absolute certainty – that more such leaks of personal data will occur from every kind of surveillance activity. For example, the increasing use of so-called “smart” speakers will inevitably lead to highly personal information being leaked that will be at best embarrassing, and at worst costly in economic or human terms. The rise of the Internet of Things will doubtless see more and more of the rich data streams captured and stored. Once those streams are in a database, it is unrealistic to think that they will not be accessed by unauthorized individuals, for example by breaking into systems, or through abusing positions of trust.

No amount of clever security can stop this. There is only one way to reduce the secondary harm of surveillance, and that is to keep the storage of associated data to a minimum. That’s not the case at the moment. As storage costs continue to fall, the general motto today is “more is better”. The logic seems to be: you never know when you might need that older data, so let’s keep it just in case. Although there may be benefits from retaining surveillance files for future use, they need to be weighed against the risks of doing so. When it comes to personal data, data minimization needs to become the rule. If it doesn’t, the number of stories like the ones above will multiply, and the additional harms from surveillance will grow.

Featured image by Retis.