Research and commentary on digital technologies in public life
My clipblog has moved to DashLog, a new clipblogging site. My clipblog gives quick pointers to interesting sites or pages, with only minimal commentary. It’s designed as a complement to this blog.
New addresses for my clipblog:
HTML: http://www.dashlog.com/logs/tinker
RSS: http://www.dashlog.com/dash/feed.php?log=tinker
The U.S. government is “taking a very serious look” at improving privacy protection for the new wireless-readable passports, according to an official quoted in a great article by Kim Zetter at Wired News. Many people, including me, have worried about the privacy implications of having passports that are readable at a distance.
The previously proposed system would transmit all of the information stored on the inside cover of the passport – name, date and place of birth, (digitzed) photo, etc. – to any device that is close enough to beam a signal to the passport and receive the passport’s return signal.
The improved system, which is called “Basic Access Control” in the specification, would use a cryptographic protocol between the passport and a reader device. The protocol would require the reader device to prove that it knew the contents of the machine-readable text on the inside cover of the passport (the bottom two lines of textish stuff on a U.S. passport), before the passport would release any information. The released information would also be encrypted so that an eavesdropper could not capture it.
I have not done a detailed security analysis of the crypto protocols, so I can’t vouch for their security. Juels, Molnar, and Wagner point out some protocol flaws (in the Basic Access Control protocol) that are probably not a big deal in practice. I’ll assume here that the protocols are secure enough.
The point of these protocols is to release the digital information only to an entity that can prove it already has had access to information on the inside of the passport. Since the information stored digitally is already visible (in analog form, at least) to somebody who has that access, the privacy risk is vastly reduced, and it becomes impossible for a stranger to read your passport without your knowledge.
You might ask what is the point of storing the information digitally when it can be read digitally only by somebody who has access to the same information in analog form. There are two answers. First, the digital form can be harder to forge, because the digital information can be digitally signed by the issuing government. Assuming the digital signature scheme is secure, this makes it impossible to modify the information in a passport or to replace the photo, steps which apparently aren’t too difficult with paper-only passports. (It’s still possible to copy a passport despite the digital signature, but that seems like a lesser problem than passport modification.) Second, the digital form is more susceptible to electronic record-keeping and lookup in databases, which serves various governmental purposes, either legitimate or (for some governments) nefarious.
The cryptographic protocols now being considered were part of the digital-passport standard already, as an optional feature that each country could choose to adopt or not. The U.S. had previously chosen not to adopt it, but is now thinking about reversing that decision. It’s good to see the government taking the passport privacy issue seriously.
Following the lead of other bloggers, I’ll be writing occasionally to recommend books or articles that I found interesting. Today, I’m recommending two books that could hardly be more different in topic and tone.
This book was a real surprise. I started reading from a sense of obligation, but I was quickly hooked. It isn’t light reading, and parts are simply horrifying; but it explains the events of 9/11, their causes, and the aftermath with admirable depth and clarity. Most surprising of all is the quality of the writing, which rivals the best journalism or historical writing. The tick-tock in Chapter 1 is riveting and will surely be the definitive account of what happened that day.
The Commission had broad access to documents and people, a sizeable staff, and bipartisan national support, all of which allowed them to see clearly the history of the 9/11 plot, the U.S. government’s efforts to deal with al Qaida over the years, and the response to the attacks. Much of this is eye-opening. The sheer chaos and lack of information flow that confronted first responders is sobering. We also see the national security community’s wavering focus on the al Qaida threat and the gathering of significant intelligence about it, coupled with a cultural inability to strike boldly against it before 9/11.
Overall, the report was much better than I expected – much better, really, than a government commission report has any right to be.
Rammer Jammer Yellow Hammer: A Journey into the Heart of Fan Mania, by Warren St. John
Bummed out by the 9/11 report? This book is the antidote. It’s a group portrait of the most rabid University of Alabama football fans, written by a New York journalist who grew up in Alabama and knows firsthand the lure of Bama football. It’s a nicely polished little book packed with laugh-out-loud moments.
A typical vignette introduces a couple who skipped their own daughter’s wedding to go to a Bama football game. (The game got over in time for them to attend the reception.) They seem like fairly normal people, and when asked to explain why they did this thing, they’re at a loss. The author reports asking many Alabamans what they thought of the couple’s story. Three-quarters shook their heads and wondered why in the world loving parents could skip their daughter’s wedding. The other quarter shook their heads and wondered why in the world a loving daughter would schedule her wedding on the day of the Tennessee game.
The beauty of the book is that the author doesn’t caricature the fans. He tells their stories sympathetically, and one comes to see their obsession as not so different from the obsessions or hobbies that many of us have. Indeed, the author himself is gently pulled into their community, buying himself an RV and driving it to the games just like the most devoted fans. He weaves together the stories of the fans, his own story of being drawn into their world, and references to academic studies of fans and their behavior, into a revealing and very entertaining mix. I’m a big fan of this book.
The House has now joined the Senate in passing the Family Movie Act; the Act is almost sure to be signed into law soon by the President. (The Act is bundled with some unrelated provisions into a multi-part bill called the Family Entertainment and Copyright Act. Here I’ll focus only on Section 201, called the Family Movie Act, or “FMA”.)
Some people who haven’t read the FMA, or haven’t thought carefully enough about what it says, decry it as censorship. In fact, it is best understood as an anti-censorship proposal.
The Register, under the headline “Congress legalizes DVD Censorship” summarizes the FMA as follows:
It will soon become legal to alter a motion picture so long as all the sex, profanity, and violence have been edited out, thanks to a bill called the Family Movie Act…
Let’s look at what the FMA actually says:
[The following is not an infringement of copyright:]
the making imperceptible, by or at the direction of a member of a private household, of limited portions of audio or video content of a motion picture, during a performance in or transmitted to that household for private home viewing, from an authorized copy of the motion picture, or the creation or provision of a computer program or other technology that enables such making imperceptible and that is designed and marketed to be used, at the direction of a member of a private household, for such making imperceptible, if no fixed copy of the altered version of the motion picture is created by such computer program or other technology.
There is nothing here (or elsewhere in the FMA) that says you can only skip the dirty bits. The FMA says that you can skip any portions of the movie you like, as long as the portions you skip are “limited”. You can skip the clean parts if you want, as long as they make up only a limited portion, which may be the case for some movies. If the motion picture has commercials in it, you can skip the commercials. If you don’t like the soccer scenes in “Bend It Like Beckham”, you can watch the movie without them.
The soccer-free version of “Bend It Like Beckham” is speech. The FMA allows that speech to occur, by preventing a copyright owner from suing to block it. And the FMA does this in an ideal way, ensuring that the copyright owner on the original work will be paid for the use of their work. That’s the purpose of the “from an authorized copy” and “no fixed copy” language – to ensure that a valid copy of the original work is needed in order to view the new, modified work.
Let’s review. The FMA prevents no speech. The FMA allows more speech. The FMA prevents private parties from suing to stop speech they don’t like. The FMA is not censorship. The FMA prevents censorship.
Last week I and 98,000 other lucky individuals received the following letter:
University of California, Berkeley
Graduate Division
Berkeley, California 94720-5900Dear John Alexander Halderman:
I am writing to advise you that a computer in the Graduate Division at UC Berkeley was stolen by an as-yet unidentified individual on March 11, 2005. The computer contained data files with names and Social Security numbers of some individuals, including you, who applied to be or who were graduate students, or were otherwise affiliated with the University of California.
At this time we have no evidence that personal data were actually retrieved or misused by any unauthorized person. However, because we take very seriously our obligation to safeguard personal information entrusted to us, we are bringing this situation to your attention along with the following helpful information.
You may want to take the precaution of placing a fraud alert on your credit file. This lets creditors know to contact you before opening new accounts in your name. This is a free service which you can use by calling one of the credit bureau telephone numbers:
Equifax 1-800-525-6285 Experian 1-888-397-3742 Trans Union 1-800-680-7289
To alert individuals that we may not have reached directly, we have issued a press release describing the theft. We encourage you to check for more details on our Web site at http://newscenter.berkeley.edu/security/grad. The following Web sites and telephone numbers also offer useful information on identity theft and consumer fraud.
California Department of Consumer Affairs, Office of Privacy Protection:
http://www.privacy.ca.gov/cover/identitytheft.htmFederal Trade Commission’s Website on identity theft: http://www.consumer.gov/idtheft/
Social Security Administration fraud line: 1-800-269-0271
Unfortunately, disreputable persons may contact you, falsely identifying themselves as affiliated with US Berkeley and offer to help. Please be aware that UC Berkeley will only contact you if you ask us, by email or telephone, for information. We recommend that you do not release personal information in response to any contacts of this nature that you have not initiated.
UC Berkeley deeply regrets this possible breach of confidentiality. Please be assured that we have taken immediate steps to further safeguard the personal information maintained by us. If you have any questions about this matter, please feel free to contact us at or toll free at 1-800-372-5110.
Sincerely,
Jeffrey A. Reimer
Associate Dean
In a few days I’ll post more about my experience with the “fraud alert” procedure.
UPDATE 11:45pm – I should add that I gave Berkeley my ‘personal data’ when I applied to their computer science PhD program in 2003. (I ended up at Princeton.) Why, two years later, are they still holding on to this information?
