Dissent

Mar 312020
 
 March 31, 2020  Posted by  Business

Danny Hakim and Natasha Singer report:

Zoom, the videoconferencing app whose traffic has surged during the coronavirus pandemic, is under scrutiny by the office of New York’s attorney general, Letitia James, for its data privacy and security practices.

On Monday, the office sent Zoom a letter asking what, if any, new security measures the company has put in place to handle increased traffic on its network and to detect hackers, according to a copy reviewed by The New York Times.

Read more on the NY Times.

Mar 302020
 
 March 30, 2020  Posted by  Court, Surveillance, U.S.

Jennifer Lynch of EFF writes:

Should the fact that your neighbors can see the outside of your house mean the police can use a camera to record everything that happens there for more than five months? We don’t think so either. That’s why we joined ACLU, ACLU of Massachusetts, and the Center for Democracy & Technology in filing an amicus brief last week in the Massachusetts Supreme Judicial Court arguing the Fourth Amendment and Massachusetts’s state equivalent protect us from warrantless video surveillance of our homes.

In Commonwealth v. Mora, Massachusetts State Police secretly installed several cameras high up on utility poles in front of Nelson Mora and Randy Suarez’s homes. These “pole cameras” allowed officers to watch video feeds of the two homes (and by extension everyone going in and out of the homes) in real time, remotely control angle and zoom functions, and zoom in close enough to read license plates. Officers recorded the footage over a period of several months, which allowed them to go back, search through, and review footage at their convenience. They never got a warrant to install the cameras, and the extended surveillance was not subject to any court oversight.

Mora and Suarez moved to suppress the video surveillance, arguing the use of the cameras violated the Fourth Amendment and article 14 of Massachusetts’s Declaration of Rights, which prohibit unreasonable searches.

In our amicus brief, we asked the court to recognize, as the Supreme Court did in U.S. v Carpenter, that, just as collecting cell phone location data over time reveals sensitive information about people, using stationary video surveillance to record all activity in front of a person’s home for months implicitly reveals so much more private, sensitive, and intimate information than the public sees merely walking by the house from time to time. Using this invasive surveillance, the police  could learn or infer private relationships, medical information, and political or religious beliefs. And, as with the collection of location data, technological advances make video surveillance cheap and easy for law enforcement to implement, removing the practical privacy protections that existed when the police had to rely on physical surveillance such as covertly positioning actual officers in front of a house (and paying those officers their full salaries).

Our brief also informed the court about recent advances in camera technology and digital storage and search. Cameras can now hone in on small details with startling accuracy. For example, one company has released a camera small enough to fit on a drone that can identify a face from 1,000 feet and read serial numbers on appliances from 100 feet. Casinos are using cameras that can read text messages off phones. And Logan Airport has a camera that can see any object a centimeter and a half wide from a distance of more than one and a half football fields. Digital storage and search capabilities also now make it possible for police departments to hold on to surveillance footage for a long time and to search through footage easily using keyword searches for categories like gender, age, and “appearance similarity.” Even though the cameras that focused on Mora and Suarez’s homes did not have all of these capabilities, the U.S. Supreme Court has instructed that courts should take into consideration technology that is currently in use or in development in conducting their Fourth Amendment analysis.

Finally, we noted that secret video surveillance like this disproportionately impacts minority and poorer communities. The prosecutors in this case argued that Mora and Suarez did nothing to hide their homes from public view, so they couldn’t expect privacy from government surveillance that would in essence “see” the same thing that a worker on the top of a utility pole could see. However, utility poles commonly rise 20-40 feet in the air. Only the very wealthy can live in communities where their properties are either set back so far from these poles as to be hidden from view or the utilities are buried underground. Without the financial resources to live in neighborhoods and homes like this, under the government’s arguments, those with less means would face forced diminishment of their privacy expectations and disproportionate surveillance in direct proportion to their income level.

The Massachusetts Supreme Judicial Court planned to hear this case on April 7, 2020, but that date has been extended, given the current COVID 19 crisis. We will update this post when the court issues its opinion.

Mar 302020
 
 March 30, 2020  Posted by  Non-U.S.

Kristof Van Quathem of Covington and Burling writes:

On March 24, 2020, the Dutch Supervisory Authority (“SA”) announced the launch of a broad investigation into automobile manufacturers, to determine whether any violations of data protection laws have occurred in relation to connected cars.

The Dutch SA sent a questionnaire to all Netherlands-based car and truck manufacturers, asking what types of personal data they process, how long they keep it, what measures they take to secure it, and with whom they share it. On the basis of the results, the SA intends to engage in dialogue with the sector and, where it deems necessary, initiate enforcement actions.

Read more on InsidePrivacy.

Mar 302020
 
 March 30, 2020  Posted by  Misc

A survey of 471 data protection and privacy officers provides valuable insights into their challenges and priorities for 2020 — from CPO Magazine.

Key highlights:
  • 27% named getting budget and available resources as the organization’s No. 1 challenge
  • 49% have made governance of data processing and the formation of a privacy-aware culture a top priority
  • 20% are making new privacy technology implementation a priority only after privacy programs have matured
  • 57% of organizations have an annual budget of no more than $250,000 for data protection and privacy
  • 76% of organizations have fewer than 10 employees in roles focused on data protection and privacy

Read more on CPO Magazine.