The idea in a nutshell

  • This is part 2 of a 3 part article on Intrusive Surveillance technology.
  • You can read part 1 here.
  • In part 1, I suggested that smartphones, law enforcement and some more authoritarian governments can surveille and identify us, even without us interacting with anything electronic.
  • Some of the examples below are cutting edge and as a result either qualified and/or need more research.
  • However, the principle that the unique elements in our physical movements can be used to identify us through technological analysis is a consistent theme.
  • In my opinion, that’s now certain and concerning.

Examples of Intrusive Surveillance Technology: Law enforcement, especially at airports

We are now used to some aspects of surveillance. London, for example, has the most CCTV per square meter than anywhere else in Europe. There are benefits to that. The UK Police Force managed to stop (kill) 3 terrorists in the London Bridge attack in 2017, within moments of their first terrorist acts. This threat of terrorism is often used to explain the introduction of the tools I describe below, as you know.

Surveillance technology has linked our offline characteristics with our identity, associates and location.

Some basic surveillance capabilities. Your voice, fingerprints, gait, face and DNA can now all be used to identify your identity, associates and location in the real world, without a warrant.
Source : Me, collated from text and links in this article.

  • Facial recognition is being used to identify people. It works so well that soon there may be no need for boarding pass checks :
    A successful 6 month trial of facial recognition technology was recently undertaken at Brisbane Airport and in some Middle East locations. Similar solutions are being sold by Amazon in the US, offering real time facial recognition to Police Forces around the country. (See also China example, below.)
  • You can also be reliably identified from the way you walk (your gait):
    AI based software analyses the 24 components each individual has, making the way they walk unique, and identifies a ‘fingerprint’ of citizen’s ‘gait.’ This technology is also being trialed at airports and has proved successful, with a 0.7% failure to identify rate.
  • People can now be caught by the police using public DNA records:
    In the US, anyone can send in some of their DNA for as little as $100 and have their genes analyzed. These services identify potential diseases to which you might be genetically exposed and also have a role to play in the tracing of family trees. Police have now solved at least two ‘cold cases’. In using these DNA databases and the DNA of suspects that was gathered at the scene. In one example, the DNA was collected as much as 30 years ago. The police matched it against a public DNA testing facility like ‘23andMe.) It’s going to be hard for other criminals in a similar predicament to hide (not that we’d want them to.) Even now, nearly every family in America  has at least one relative who has submitted DNA to one of these public genome analysis services. If misused, the police could identify any person, without a warrant, and using only these publicly available services – once they’d gathered your DNA from your lips (on a glass) or a hair (from a brush) using only requests to these DNA profiling services.
  • 400,000 Californians discovered in 2012 that they had been subject to mass surveillance of their physical movements for years:
    Residents of Oakland, California were surveilled by the local government for a period of years, without their knowledge. Monitoring stations called Domain Awareness Centers (DAC) were established, which used existing video feeds from traffic intersections in the city, and overlaid other information including shipping movements, social media chatter, weather news and emergency calls. The scheme was not disclosed by the local council who carried out the surveillance.
  • Anticipating social unrest using AI on social media:
    Software now exists to analyze social media feeds in real time, and use them to identify potential hotspot locations and  people who might flare up in a protest. In theory, the police could arrest potential trouble makers before their protest began.

Some of the more advanced ways we can now be surveilled. Impressive new surveillance technology.
Source : Me, collated from text and links in this article.

  • Cornell University’s lie detecting algorithms:
    Researchers at Cornell university have pioneered the ability to detect whether someone is lying, at a distance. The US department of Homeland Services and European Union are both currently testing a new potential replacement for polygraphs, based on their work. The system is called AVATAR. Humans can accurately judge if someone is lying around 60% of the time. AVATAR regularly beats that, peaking at 80% accuracy – so far – and is constantly being improved.
  • Interpol voice recognition software now means the Police can listen in on any conversation:
    Interpol operates in 160 countries around the world. They have coordinated their efforts in the area of voice analysis and can now identify individuals if given a sample of their voice and something to match it against. For example, imagine they wanted to find you but you had absconded the country. 5 years later, with a legal warrant to listen in on calls for a drug gang, they are monitoring calls in Rio de Janeiro and you order a coffee in the background of one of those calls. Interpol can now pick you out and know your location.
  • We can now use radio waves to see through walls:
    MIT recently pioneered a way to send radio waves through a wall and pick out individual humans behind it, using AI.

Additionally, Law Enforcement forces now have at their disposal AI solutions specifically designed to speed up the evidence gathering process, including scanning laptops and phones for incriminating files.

The potential for misuse and problematic privacy invasion comes from overlaying the concepts shown here. Imagine a government who could identify you in the real world, using either the way you walk, the sound of your voice, or your face (or using multiple surveillance technologies for increased accuracy.) They can track you through walls, overlay other information such as whether you have told more lies than usual today, and determine with some accuracy if you will start a protest.

This is the technology available to Western governments. In China, things are even more advanced.

Examples of Intrusive Surveillance Technology: The People’s Republic of China

China’s mixed economy with an authoritarian twist gives them an advantage in many areas, including AI and genetic sequencing. In simple terms, they can execute their plans more efficiently because they don’t need the ‘permission’ of their citizens and suffer less oversight than equivalent government bodies in the Western world. When it comes to surveillance, China is making the most of its opportunity.

Could China’s more advanced surveillance capabilities provide a hint as to our own surveilled future?

  • China installing RFID chips on all license plates:
    The government is mandating that from the start of 2019, any new car produced for use in the country is fitted with an RFID chip so they can be tracked, across the country.
  • Chinese schools using facial recognition in schools :
    A school in Hangzhou has installed facial recognition cameras in classrooms to monitor the degree to which students are alert in class. Students emotional states are also monitored and are reported to the teacher in summary form, in real time.  The goal is better classroom management.
  • Famously, China has a mysterious algorithm which determines a number, based on ‘how good a citizen they are’:
    The system is broadly described as ‘Social Credit’. Low scores can make it impossible to travel even domestically and get a mortgage.
  • Chinese surveillance company got huge funding:
    ‘Sensetime’, the Chinese company which makes facial recognition software for the Chinese police received a $600m investment from Alibaba, the Chinese eCommerce company behind the AI managed city. The investment valued Sensetime at $4.5 bn, and it constituted the biggest venture capital investment ever made.
  • Alibaba is already using an artificial intelligence system called City Brain to monitor every vehicle in Huangzou:
    The system collates video feeds from around town to optimize flows and has control over traffic lights. It has cut traffic congestion by 15%. Importantly, Alibaba owns the data it produces.
  • Chinese Police have facial recognition glasses and have used them to identify suspects at human ‘choke points’ like railway stations:
    Identifying people at choke points like train stations is now possible using facial recognition technology. Enormous video screens show images of people who cross the road when the light is red and highlight those who do not pay their debts, to publicly shame citizens who bend or break the rules.

China have the advantage of not caring too much about how their citizens feel about ever rising levels of surveillance.

Real time facial recognition is already a thing in China for both schools and the police. Similar systems are being installed in the USA.
Source : NYT – link above.

Examples of Intrusive Surveillance Technology: Your SmartPhone

Examples of Intrusive Surveillance Technology: Connected devices, especially Smartphones surveillance

Most people would be shocked at how much information your smartphone collects about you, your movements and your behavior in the physical world. Modern smartphones are essentially a set of internet-connected sensors. Below is a screenshot a developer took showing the live feed of variables generated by his phone. You might notice a 3 axis accelerometer, proximity sensor, light sensor, gyroscope (which I think can be used to estimate position if your GPS signal is lost). There’s even a magnetic field sensor. Remember, these sensors are running all the time, and your phone is constantly connected to the internet.

Your phone records multiple variables. It’s essentially a mobile tracking system you carry voluntarily.

The number of variables recorded by your phone might surprise you.
Source: Found it on the internet and I can’t remember where.

  • Oracle suggest Google’s Android operating system routinely tracks users’ position even when maps are turned off:
    Google dispute it but Oracle even travelled to Australia in order to show the ACCC the statistics they had about the level of surveillance Google conducts on its Android users. Oracle suggest phones using Google’s handheld operating system transmit around 1GB of data, costing each roughly $5 AUD per month, over $500m a year in total. Google’s goal is to connect online searches with offline purchases. For example, Oracle suggest that the altimeter in your Android determines what level on the mall you’re on to see if you bought in-store something you searched for at home. The facility allows Google to charge more for its online ads.
  • They can uniquely identify you from the way you swipe within 4 hours:
    The CSIRO published some research last month in Australia. In the analysis, the CSIRO could uniquely re-identify people whose behavior they studied (the way they uniquely pinched and swiped their screens) with 98.5% accuracy. Some suggest a time-window of 4 hours is enough to provide a dataset sufficiently large to uniquely identify someone. There is no proof that phone software manufacturers are using this as one of the ways to identify people as they move between devices – yet.

  • Hackers can guess your ATM PIN from the way you use your phone:
    In a story not a million miles from the swiping example above, researchers at a Singapore University showed they could use AI to correctly predict which of the top 50 smartphone passcodes a user had entered, just from using the sensors in the device. Again, each touch is unique – and the way the phone moves when you press ‘1’ on the screen is different to the way it moves when you press ‘2’. Pattern patching algorithms could deduce the correct passcode 99.5% accurately within 3 goes.
  • The FBI can now access any phone:
    In March 2016, you might remember an argument between the Department of Justice in America (DOJ) and Apple, over a phone which was believed to contain details about one of the San Bernardino shooters. The FBI nearly came to the point of ‘insisting’ (through the courts) that Apple provide a way to crack the phone. Apple refused and there was a tense standoff. The DOJ has now solved the problem, without Apple’s help. They can now subvert iPhone security messages to gain access to any phone, as reported in Wired (link above.). If the authorities ever have sufficient reason to detain you, they will be able to get into your phone and analyze all of its data.
  • Project Stingray:
    The Washington Post reported on June the first this year that ‘Stingray’ a brand of so called ‘IMSI’ tracker devices had been found outside the White House and other sensitive offices in Washington DC. Stingray products set themselves up to appear as regular cell towers to mobile phones and ‘take’ the call off the usual cellular network grid without the caller knowing. The call is still completed, but once Stingray acquires the signal, interlopers can listen in on what’s being said (something not usually possible – except for your phone company).
  • Apps taking data on kids:
    There are a growing number of internet connected devices but, for now, smartphones are the most widely available and used. New products which are connected to the internet often fall under the banner of the Internet of Things. Some are rushed to market in an effort to capitalize on the new opportunity. In one infamous example, an internet-connected baby monitor was hacked and the criminals spoke to the child without the parent’s consent. In a separate but related story, an app called Fun Kid Racing App which lets children guide cars using cartoon animals was found to have recorded information about them and their use of the game and sold it to at least 6 advertisers. The app was available for download in both the iOS and Google Play app stores. A broader investigation of 20 games performed by the New York Times suggested that this was not an isolated incident. ‘Family’ apps have different privacy requirements to apps for kids, and the differences in the terms and conditions for each are material. Children are categorized as individuals under the age of 13. Family apps treat everyone using them as adults – and are therefore allowed to extract more data. Most parents don’t know the difference. However, as I said above, generally apps need to clearly state what information they will be taking from your device.
  • They can also identify you from not just your fingerprint but from a picture of your fingerprint:
    In a recent investigation police used a picture of a fingerprint transmitted over WhatsApp to associate a criminal with a building break in and bring him to justice.

Summing up – the cat is out of the bag

I think there are enough examples there to make the point.

Between your smartphone, the information it sends over the internet about you, the tools being used by law enforcement already, and the potential for whole cities monitored and optimized in real time – the cat is out of the bag.

‘They’ can identify us and our associates, in real time, without a warrant, using almost any one of these tools.

In part 3, I’ll examine the question of whether this is something we might want to worry about.