When upper management is notified of a data breach, they have to choose between:

a) Announcing publicly and in a timely manner, which would result in major reputational damage, financial drain, loss of business, and potentially huge lawsuits.

b) Keeping quiet and hoping that no one ever finds out (in which case, nothing happens).

Of course, usually upper management doesn’t find out at all. There is little incentive for IT staff to report compromises all the way up the chain, since it just makes them look bad. System administrators fear that if they detect a compromise on their own servers, managers will accuse them of doing a bad job. Also, the breaches have to be detected in the first place– and often security staff are overworked and have limited resources for tuning IDS or following up on alerts.

The bottom line is that no one is motivated to do a good job detecting and publishing breaches– not corporations, not upper management, not IT staff, and in many cases not even security teams themselves. Ethics can hardly compete against real financial incentives and fears for job security.

Don’t Companies Have to Report Breaches?

Many states have data breach notification laws, but these tend to have major loopholes. Importantly, they don’t provide clear guidelines for deciding whether a “security breach” happened. As a result, if an attacker destroys important evidence or if the company does not retain records that would explicitly prove inappropriate access, then the company will probably decide that they are not required to report. Customers affected never even hear that there was concern about a breach in the first place.

The assumption is that the data is secure unless there is explicit evidence which proves otherwise. This is backwards! When log retention creates a liability, companies have reduced incentive to collect or retain detailed records. If we assume the data is secure unless there is proof otherwise, then there is no reason for companies to work to retain evidence.

The irony is that companies with the worst security practices, who do not keep logs or configure IDS systems effectively, are the ones who get off scot-free because they do not collect or retain the evidence of a breach.

What about the proposed federal Data Accountability and Trust Act?
The Data Accountability and Trust Act which passed the US House of Representatives last month does nothing to address this loophole. It requires that “Any person engaged in interstate commerce that owns or possesses data in electronic form containing personal information shall, following the discovery of a breach of security of the system maintained by such person that contains such data…notify each individual…”

OK, so what is a “breach of security”?

“(1) BREACH OF SECURITY- The term `breach of security’ means unauthorized access to or acquisition of data in electronic form containing personal information.”

How do you decide if there has been “unauthorized access to or acquisition of data”? The bill does not provide any guidance. As long as the organization does not keep records which would *prove* that confidential data was accessed or exported, their legal counsel may advise them that they do not have to report. I am not a lawyer, but I have seen this happen repeatedly with respect to existing data breach regulations.

How Can We Fix This Loophole?
Here are some ideas:

• Assume insecurity. Companies should be able to produce access logs and records which confirm that the data has been kept safe, rather than vice versa. This will motivate companies to collect and retain access logs in much greater detail than they do now.
• Proactively audit large organizations that retain lots of personal data.
• Publish yearly certificates based on audit results, the same way health inspectors publish certificates for restaurants. This way the public can decide which companies to give our information to, based on how well they secure it.

Today, the vast majority of security breaches are never reported. When you examine the incentives and the myriad of holes which exist in reporting regulations, it’s easy to understand why. Detailed logging and monitoring practices result in greater liability. Reporting incidents to the public can lead to financial ruin. There’s little incentive for organizations to do a genuinely good job tracking access to confidential data.

In this backward system, it’s a wonder we hear about any breaches at all. The fact that we do hear about data breaches frequently should make you stop and think about the number that are *really* occurring, but are never detected, let alone reported. Speaking from experience, I can tell you that the data breaches you hear about are just the tip of the iceberg.

Here are examples of the private information that state and local governments collect:

Health:

• Prescription Drug Monitoring Programs (PDMPs) in which “physicians and pharmacists… log each filled prescription into a state database to help medical professionals prevent abusers from obtaining prescriptions from multiple doctors.”
• Adult Medical histories (including sexual orientation, drug history, lists of medical problems, work history). Gathered for vaccinations and state health testing.
• Vaccine immunnization records (Children and Adults)
• Lists of people who are immunocompromised
• Lists of pregnant women and their doctors
• HIV/AIDS test results

Taxation:

• Income sources and levels
• Bill owed (doctors, lawyers, etc) for certain cases (see p.10)
• Bank statements
• Bank account numbers(see p. 14)
• Credit card numbers(see p. 14)
• Social security numbers
• Pension information
• Life insurance information
• Detailed employment records
• Deductions
• Value of assets (house, car, etc)
• Address, phone, extensive contact information
• Children’s names, Social Security numbers, ages
• Names of daycare providers

Unemployment:

• Names of people who have been unemployed
• Bank routing and checking account numbers
• Extensive personal details, including SSN, Driver’s license info, etc.
• Previous employment history
• Details regarding job search
• Salary records
• Records of unemployment funds received

Transportation:

• Detailed travel records (EZ-Pass, Fastlane, Subway passes)
• Dates, times, and locations that subway/EZ-pass cards were used
• Lists of senior citizens, contact information and photographs
• Lists of disabled people, contact information and photographs
• Credit-card and payment information
• Rider photographs and video footage

Motor Vehicle Services:

• Driver personal info:
• Height
• Weight
• Eye correction
• Address
• Social Security Number
• Payment information
• Violations (see p.3 for a list of info typically included in citations)
• Locations, dates, times
• Description and details
• Images (photographs, videos)
• Red-light camera images
• License-plate tracking

Government Employee records

• Social Security numbers
• Employee reviews
• Health insurance information

Education:

• Childrens’ standardized test scores

Police:

• Confidential informant records
• Confidential juvenile records
• Video surveillance footage of streets and intersections
• Rape victim statements and details
• Officer personal information and disciplinary records
• Investigative data

 
We conduct routine inspections of restaurant kitchens for public safety, and the public is entitled to see inspection certificates. Shouldn’t management of our public data be held to the same standards?

The public deserves to have input regarding what data is put into the hands of companies which are not controlled by the public. We deserve regulations which protect our private information from abuse, and which specify what types of information can or cannot be hosted by foreign companies and private companies.

Most importantly, we deserve assurance. Our government must routinely verify through inspection and public reports that confidential information is not being misused by private companies, and that only appropriate types of information are being shipped off-site. If private companies are to hold taxpayer information, the public deserves independent verification and reassurance that our data is well-managed.

For information about the specific data used by your state, check out your state’s web site and look at the services it offers. (Here’s a nice example from the State of New Mexico.) Then think about all the private information that your government needs to collect and process in order to support those services. You might be surprised.

“Over 60% of the U.S. state governments have gone Google.”

Does this mean that we’ve now handed the majority of our state governments’ operational data to a single privately-controlled company which has well-publicized partnerships with other governments such as China?

To find out more, I contacted Google’s press department. A representative promptly got back to me with more information:

“The reference to Going Google refers to US state governments using one or more of Google’s enterprise products…With regard to data hosting, Google Apps is a cloud computing solution meaning Google hosts the data in our data centers, relieving the customer or gov agency of the burden of managing their own servers in house.”

In other words, according to Google, United States state governments have literally handed over our public data to be held and managed by a private company which has well-publicized partnerships with other governments such as China. The data is physically stored in Google’s buildings, on Google’s servers, managed by Google’s employees. This means Google now controls our government’s access to it’s own data.

Google declined to make their list of state government customers public, so instead I checked to see which states had active Google Apps login pages for their domains. There are 19 states that have active Google Apps login pages (plus Washington D.C.) These include:

In September, Google announced its plans to create a major government data hosting operation for the United States. “Today, we’re excited to announce our intent to create a government cloud, which we expect to become operational in 2010. Offering the same services and features as our existing commercial cloud (such as Google Apps), this dedicated environment within existing Google facilities in the US will serve the unique needs of US federal, state, and local governments…”

Moving the data itself offsite is a BIG change, and one that comes at a BIG price. This effectively places state governments’ data outside the direct control of our government. If Google (or an ISP) were to decide for whatever reason– economic, political– to cut us off from our data, governments using their services would be, well, Scroogled.

To me, this is an unacceptable level of control for a single private company to have over federal, state or local government. When you reach a point where the government cannot operate without a private company, then the private company has effectively gained control of the government.

With Google physically housing and managing state government operational data, they literally gain control of our government’s operations. What’s more, Google also has access to data mine the information. Would this be legal? Hopefully not, depending on the contract that our governments have signed. Would it be technologically possible? Of course.

In another twist, state governments’ moves to outsource their data could also open their information to far greater access by intelligence agencies. It might be legal under homeland security rules for federal intelligence agencies to force Google to turn over information from state and local governments, perhaps without even notifying them. For issues where state laws are in direct conflict with federal laws, the implications for states’ rights are serious. For example, several states maintain lists of registered medical marijuana patients. Could a federal agency force or coerce Google to turn over lists of names without permission from the state?

Google is extremely good at managing its own public image (it undeniably has a leg up due to the fact that it controls news sources and search engine returns). However, it is still a for-profit corporation and ultimately works for the good of its owners, not the public. The fact that Google is working to host a large percentage of U.S. government data should set off alarm bells. How can the U.S. government effectively manage its own security and the interests of the people when large corporations have it by the balls?

The long-term, hard-to-quantify risks of moving the United States’ operational data to a private company are easy to ignore when you look at the short-term technological benefits and shiny flashy features. No one can deny that Google enables government entities to operate with a level of sophistication that would inconceivable if all operations were done in-house. Governments typically suffer the same problems as many midsize companies with underfunded IT departments and political complexities that make it difficult to centralize and streamline operations. It doesn’t really make sense for every state and local government to reinvent the wheel with respect to IT. With no “public option” for scalable, government-sponsored IT services, it’s understandable that state and local governments would outsource to the private sector.

That said, the practice of outsourcing government IT management is risky and deserves careful scrutiny and regulation. It’s funny that we’re chasing after “terrorists” in our airports, and at the same time our state governments have moved fundamental operations data over to a private company which is not controlled by the public and has strong ties to foreign governments.

Google is outside our system of checks and balances. They are quickly becoming absolutely necessary for our government to function, but their operations are not transparent and are outside the control of the American people.

Here are a few related press materials published by Google:

District of Colombia

Virtual Alabama

City of Los Angeles

The document reveals that the DHS is storing the reader’s:

• Credit card number and expiration (really)
• IP address used to make web travel reservations
• Hotel information and itinerary
• Full Name, birth date and passport number
• Full airline itinerary, including flight numbers and seat numbers
• Cruise ship itinerary
• Phone numbers, incl. business, home & cell
• Every frequent flyer and hotel number associated with the subject, even ones not used for the specific reservation

Again, here is the full record. The anonymous reader obtained his/her travel history using Edward Hasbrouck’s excellent guides. Check out his site for more info!

Thanks a ton for sending this in. If anybody else gets a copy of their ATS travel record, send it in! We’d love to see them and compare.

Reverse of the United States Great Seal Novus Ordo Seclorum “A New Order of the Ages”

“Death of Anonymous Travel”
DEFCON 2009 – PDF
MD5sum: c772681c37c9ad5d210c19c12eb43095

Thanks to everyone who sent in comments, suggestions, and encouragement. (Special thanks to the EFF lawyers for reviewing this beforehand– you guys rock!)

I’ll have the full list of references (vendor marketing materials, news articles, FOIA docs, etc) up in the next week, so check back!

Abstract:
Worldwide, people who use cars, buses, trains, and carry cell phones are tracked in increasingly centralized corporate and government databases. This capability is still in its infancy, and has been facilitated by communication and payment systems which are linked to identification and refer to centralized electronic databases.

* Collate and disseminate information about current known travel monitoring practices;
* Discuss technical and social solutions for maintaining personal privacy and the freedom to assemble;
* Encourage greater transparency and public control over data collection and use.

“I recently requested my “file” from the Dept of Homeland Security – Customs. It was interesting to see that they not only knew every flight I took, but also all of the hotels I stayed at too. This surprised me because I didn’t understand how they knew where I was staying.

“I researched this and realized that when I had stayed at hotels that were not booked in advance, they did not have the information on my record. It seems that when you book through Sabre or other services that use Sabre, your entire itinerary become part of the DHS record also. I think this is what they compare your passport stamps to when you come back into the country and the Customs guy is sitting there staring at the computer screen and your passport.”

Sabre is used to book reservations for railways, car rentals, cruises, lodging and airlines around the world.

The Bush Turnpike in Texas no longer accepts cash as of July 1, 2009. Based on the federal Coinage Act of 1965, I believe this is illegal.

The Coinage Act (31 U.S.C. 5103) states: “United States coins and currency (including Federal reserve notes and circulating notes of Federal reserve banks and national banks) are legal tender for all debts, public charges, taxes, and dues.”

The Treasury Department has made it clear that “Private businesses are free to develop their own policies on whether or not to accept cash unless there is a State law which says otherwise. For example, a bus line may prohibit payment of fares in pennies or dollar bills.” However, I would argue that the NTTA is now operating as a “creditor.” “ZipCash is the NTTA’s “drive now, pay later” option for customers without TollTags,” reads their advertising literature. “High-speed cameras take pictures of the license plates of vehicles without TollTags. Invoices for the tolls are then sent to the registered owner of each vehicle.”

The time at which payment is collected matters a lot. Stores are not required to accept US cash for products and services paid up front, because no debt is incurred. However, “restaurants that do not collect payment until after a meal is served would have to accept that legal tender for the debt incurred in purchasing the meal.” (Wikipedia) Based on this logic, the NTTA (“a political subdivision of the State of Texas”) would presumably not be required to accept cash for payment as a driver is getting onto the highway, but once he or she has driven the stretch of road, the debt has been incurred and US cash monies must be accepted.

There currently appears to be no way for a driver on the Bush Turnpike who is not the registered owner to directly receive and pay an invoice from the NTTA (according to Texas law, the owner is responsible). The NTTA sends “ZipCash” invoices only to the registered vehicle owner, and TxTolls are not transferable between vehicles. What’s more, the NTTA has no instructions (at least, none that I could find) on their web site which indicate how a driver could pay their ZipCash invoice in, well, real cash.

With the advent of “ZipCash” the North Texas Tollway Authority (NTTA) now falls under the Fair and Accurate Credit Transactions Act of 2003 (FACTA) definition of “creditor” as “any entity that regularly extends or renews credit – or arranges for others to do so – and includes all entities that regularly permit deferred payments for goods or services.”

This means that the NTTA is also regulated by the FTC’s new Red Flags Rules, which apply to any “creditor” that “offers or maintains ‘covered accounts.’ A covered account is (1) an account primarily for personal, family, or household purposes, that involves or is designed to permit multiple payments or transactions…” The NTTA’s “Toll Tags” accounts fit squarely into that definition. (I wonder how hard the NTTA has worked on their required Red Flag Identity Theft Protection Program…)

According to the US Treasury, the Coinage Act ensures that “all United States money as identified above are a valid and legal offer of payment for debts when tendered to a creditor.”

“Red Flag Identity Theft Rule We are now required by law to ask for a Photo ID at the time of each visit. Please have your Photo ID ready for the receptionist to scan.”

As an avid bicyclist, I wasn’t carrying a driver’s license.

“I’m sorry, we’ll have to reschedule you,” said the receptionist. “We need to scan your ID before we can see you. It’s a new law.”

“No, I really don’t have one. I bicycle everywhere. I don’t even know where my old license is any more.”

She looked me in the eye and said, “Sorry. I suggest you get a photo ID. You need to have one to be seen.”

“What if I’m paying for my own visit, and not using health insurance?”

“We need to scan your ID and have it in your file or we can’t see you.”

“I don’t think it’s right to deny care to patients who don’t have a Photo ID,” I said.

“Well, I can talk to my supervisor,” she said. “But I think you’re going to have to reschedule.”

As I waited, I watched the receptionist take another patient’s driver’s license and walk off into a back room. Apparently, in order to comply with the “Red Flag Identity Theft Rule,” the doctor’s office now scans a copy of every patient’s driver’s license and stores it in their computer systems.

How secure are my doctor’s computer systems? Patients don’t have the right to know. Doctor’s offices, hospitals and even health insurance companies get infected with viruses, worms and spyware all the time. These are generally not reported as patient data breaches, because they are far too common.

Just in the past few weeks, there have been news reports of patient data thefts from UC Berkely Health Service, Virginia Prescription Monitoring Program and Memorial Medical Center. The vast majority of breaches never get reported or even detected, however, because tiny little health care clinics and hospitals all over the country have neither the resources nor the incentives to institute appropriate detection measures.

And now they want to store a high-resolution copy of my driver’s license on top of everything else? What is this “Red Flags Identity Theft Rule,” anyway?

The Red Flags Rules are a collection of new Federal Trade Commission regulations aimed at reducing the risk of identity theft. The American Medical Association and dozens of other medical societies “have protested the FTC’s decision to apply the Red Flags rule to medical practices and other health care providers.”

Why on earth does the Federal Trade Commission affect who my doctor treats?

According to the FTC, “Health care providers may be subject to the Rule if they are ‘creditors.’ Although you may not think of your practice as a ‘creditor’ in the traditional sense of a bank or mortgage company, the law defines ‘creditor’ to include any entity that regularly defers payments for goods or services or arranges for the extension of credit. For example, you are a creditor if you regularly bill patients after the completion of services, including for the remainder of medical fees not reimbursed by insurance.”

The FTC requires “each financial institution or creditor to develop and implement a written Identity Theft Prevention Program (Program) to detect, prevent, and mitigate identity theft in connection with the opening of certain accounts or certain existing accounts.” Although the Red Flags Rules do not explicitly require doctor’s offices to make copies of patient identification, they are often implemented this way.

Ironically, spreading more private information around– such as high-resolution copies of driver’s licenses- increases patients’ risk of identity theft. As a 2008 World Privacy Forum report explained:

“When patients are, for example, asked for a drivers’ license when checking in to hospitals for surgery, the license itself may be copied or scanned and added into the actual patient file. This can give hospital insiders with criminal tendencies access to a treasure trove of photographic, biometric, and other information that may have been unavailable to them before. The result can be more identity theft (medical and otherwise).

“…Just because customer identity proofing is commonplace in the financial sector does not mean that it has translated perfectly or even well to the health care sector. The two sectors have different regulatory requirements, approaches to access points, security, and information flows. Banks and health care providers also have different competencies, staffing capacities, training, and in many cases even procedures when it comes to reviewing and managing customer identification documents.”

Everyone should have access to medical care– not just people who have registered with the government and obtained a photo ID. Furthermore, patients should have the right to health care without being forced to give up control of our personal information. As a patient, I don’t really want a copy of my Photo ID stored on a crappy unpatched Windows box at my doctor’s office. Today’s patients do not even have the right to know how well doctor’s offices and hospitals are secured, even in the face of constant reports of medical data breaches. That’s sick.

TSA has stated that Secure Flight record system is exempt to multiple provisions of the Privacy Act. In particular, it claims:

• “Exemption from the Access and Amendment Requirements” which “relate to an individual’s ability to request access to and correction of records…”
• “Exemption from Requirement to Collect Only Relevant and Necessary Information”
• “Exemption from the Requirement of Maintaining All Records Used by the Agency in Making a Determination about an Individual with Accuracy, Relevance, Timeliness and Completeness”
• “Exemption from the Requirement of Judicial Review”

TSA’s transportation security strategy appears to be based on the logic that by tracking civilians en masse and maintaining secret “watch lists” we can somehow identify all people with potentially malicious intent and prevent them from accessing public transportation systems. (“Sorry sir, you’ve already committed three suicide bombings this year, so we can’t allow you on the plane.”)

Of course, air travel is just a small part of the picture. TSA is also “responsible for security in all modes of transportation.” This includes cars, buses, subway and rail. According to their mandate, presumably even bicyclists would fall under TSA’s purview. Ground transportation is arguably even more important than aviation security, particularly because so many phone and network cables run along railways and highways. Although TSA has thus far focused their most draconian regulations on the air, they have been asserting increasing control over ground public transportation.

Last September, TSA flexed their ground-transportation muscles when they mobilized TSA and Amtrak security teams “from approximately 100 commuter rail, state, and local police agencies… for the largest joint, simultaneous Northeast rail security operation of its kind, involving 150 railway stations between Fredericksburg, Virginia, and Essex Junction, Vermont.”

What prompted this massive security exercise?

“The morning rush-hour multi-force security deployment was NOT in response to any particular threat or incident, but rather a demonstration of an ongoing collaborative effort to expand counter-terrorism and incident response capabilities up and down the Northeast Corridor railway system,” wrote TSA in a press release.

I see.

Let’s follow the TSA’s strategy to its logical conclusion. If we accept Secure Flight as a valid security strategy, then in order to effectively and fully “secure” our transportation infrastructure, we would need to:

• Track everyone traveling on a highway, subway, bus, train, or plane;
• Track everyone in or near a transportation interchange;
• Accurately identify every person (ultimately, using biometrics or similar);
• Compare identification to meticulously-maintained “watch lists”;
• Selectively deny travel based on secret information stored in government databases

Even then, it only takes one sneaky attacker to dodge the system and cause havoc. Furthermore, tracking every citizen is an extremely high-impact, resource-intensive strategy, which will require deep, fundamental, rather frightening changes in our society. It requires the abolishment of free society, placing our freedom to travel in the hands of an un-auditable, un-elected elite.

By treating citizens as potential enemy combatants, we waste money and actually degrade our nation’s security. This concept is summarized neatly in the Tao Te Ching: “do not use arms to coerce the world, for these things tend to reverse– brambles grow where an army has been… Weapons are inauspicious instruments, not the tools of the enlightened.” (Translation: Thomas Cleary)

What is a more effective strategy? The key is to examine incentives that lead up to attacks. Millions of people around the world, including American citizens, feel that they have been treated unfairly by United States corporations and the government.

Rather than feeding the fire by treating innocent civilians like potential enemy combatants, perhaps we should spend that money on 1) actually improving quality of life for civilians; 2) diplomatically resolving conflicts; 3) genuinely improving the resilience of our critical infrastructure; 4) non-proliferation and weapons-tracking efforts.

“When welfare and justice embrace the whole people, when public works are sufficient to meet national emergenices, when the policy of selection for office is satisfactory to the intelligent, when planning is sufficient to know strengths and weaknesses, that is the basis of certain victory.” (Cleary, Translator’s Introduction to the Art of War)

New York’s “Real Time Crime Center can quickly query millions of pieces of information to uncover previously unknown data relationships and points of connection.”

In Poland “personal and vehicle IDs can be instantly checked in an EU-wide database.”

In Chicago: city staff “have access to video from a multitude of cameras citywide, with advanced analytics built into the infrastructure, that are connected to a fiber/wireless network to assist the operator with potential ‘eyes-on-the-scene’ in the vicinity of an incident.”

I’m all for fighting crime, but these vast, nascent public surveillance programs which have minimal public input and oversight are pretty frightening. If you’re familiar with the history of IBM, their massive surveillance operations are especially creepy. “IBM was founded in 1898 by German inventor Herman Hollerith as a census tabulating company. Census was its business,” wrote Edwin Black in his 2001 book, IBM and the Holocaust.

During the 1930s, IBM subsidiaries worked closely with the Nazis to develop and maintain the registration and tracking systems which were the foundation of their extermination operations. “IBM’s custom-designed prisoner-tracking Hollerith punch card equipment allowed the Nazis to efficiently manage the hundreds of concentration camps and sub-camps throughout Europe, as well as the millions who passed through them. Auschwitz’ camp code in the IBM tabulation system was 001.” (Black, 2002)

“The image of a tattooed number on the forearm of a death-camp survivor is one of the most recognized symbols of the Holocaust. Black shows that these numbers initially correlated to the IBM Hollerith punch-card system.” (AllBusiness, 2002)

Of course, the level of surveillance that we are experiencing today far surpasses anything seen by those living in Nazi Germany. Between GPS-tracked cell phones, OCR license-plate readers, and full-fledged city video surveillance systems, both corporations and law enforcement can track private citizens’ moment-to-moment activities.

What’s happening with all this data? The answer is: we (the public) don’t know. From traffic cameras to full-scale city monitoring systems, mass surveillance programs are being put into place with very little publicized detail regarding information security or data management. Conversely, the implementers seem to have taken a “security through obscurity” approach, where public disclosure of surveillance IT management practices is seen as a threat to security itself.

“Billions of records, accessible in minutes,” reads an IBM advertisement. “At the heart of the Real Time Crime Center is IBM Crime Information Warehouse technology… Advanced data-mining technology provides investigators with access to billions of records.”

Challenge: can you find any record of IT security audits of New York’s powerful public surveillance center, or even just indications that regular IT security audits occur? I can’t. (If you do, post!) If these records exist, they sure aren’t easily accessible by the public. Don’t we deserve verifiable evidence that our personal information is being responsibly managed?

As anyone in the open-source or cryptographic community knows, security through obscurity doesn’t make a system more secure. In the case of mass surveillance and tracking systems, the public is being denied the ability to verify that our data is securely and appropriately managed.

Moreover, what exactly are government and contractors doing with all of this very personal data? Contractors such as IBM are collecting an enormous amount of personal data, yet the public receives very little detail about how long our information is kept, who has access, and precisely how our data managed or used — other than vague, unverified assurances that our information is managed in accordance with regulation. It is impossible for us to assess compliance with referenced privacy and information security regulations without any real data.

Mass surveillance is an extremely powerful tool which is here to stay. Electronic mass tracking systems essentially obviate the need for punch cards and tattooed numbers, while serving effectively the same purpose. “It was the use of raw numbers, punch cards, statistical expertise, and identification cards that made [Nazi genocide] possible…” write Aly and Roth in their excellent book, The Nazi Census. “Every act of extermination was preceded by an act of registration.”

In a free society, the public must have the ability to actively provide input and receive feedback regarding the collection, maintenance and use of our tracking information, surveillance photographs and videos. If mass surveillance systems are not controlled by the population under surveillance, they will be (and have been) used for oppression. “Knowledge is power.”
 

Hahahaha…..

Apparently, “HashKeeper is available free of charge.” Contact the National Drug Intelligence Center for more information.

National Drug Intelligence Center
c/o Mr. Steve Gironda
Telephone: 814-532-4987
E-mail: ndic.domex.request@usdoj.gov

Hat tip to John Masterson.