<<This is an extract, as the entire article is too large to post to this list. I would strongly recommend anyone concerned with access to information by governments or private enterprise read this article in its entirety... alister>> http://www.theage.com.au/daily/990808/news/specials/news1.html How your privacy is caught in the Net By DUNCAN CAMPBELL ``You have zero privacy,'' Sun Microsystems' chief executive, Mr Scott McNealy, told Silicon Valley reporters who expressed concerns about a new tagging system for computer chips. ``Get over it,'' he snapped. McNealy was talking about the Processor Serial Numbers, known as PSNs, that are now built into almost every personal computer being shipped, exposing Internet users to unprecedented levels of surveillance. The introduction of PSNs at the end of 1998 created an international furore on the Internet. PSNs are the Australia Card of PCs, a unique, unchangeable number built into your computer, which can be used to build up personal databases on you and your family - what you buy, what programs you use, what you do with your electronic lives. The PSN can be scanned and recorded any time you connect to the Internet. That includes people you don't even know you're connecting to, in particular the legions of cyberspace marketing agencies whose electronic robots operate undercover inside web pages. Visit the pages that advertisers pay to appear on, and their robots, called ``applets'', can drop in and start running on your computer, gathering data for future use. Back at base, they may merge this new data with information already in their possession to build ever more intrusive records. You, the user, have no way of telling that this is happening. ``We believe that providing a unique PSN which can be read remotely by web sites and other programs in mass-market computers would significantly damage consumer privacy,'' warns the US watchdog organisation EPIC (Electronic Privacy Information Centre). ``The records of many different companies could be merged without the user's knowledge or consent to provide an intrusive profile of activity on the computer. The only solution would be to change the processor or computer.'' The idea behind the PSN was to protect business against piracy by preventing music or video recordings or software programs being played by people other than those to whom they had been sold. But a more insidious use is to identify Internet users and to track their activities for marketing or surveillance purposes. Not every computer has a PSN. Apple computers don't use them, nor do computers manufactured before the end of 1998.That's when the world's largest microprocessor chip manufacturer, Intel, started building them into all its new Pentium III chips. Since the row broke over its head, Intel has introduced a fix, allowing users to switch off the serial number. Or so the theory goes. In practice, manufacturers will require that the serial number is switched on before their programs will run or their music will play. In any case, Intel's off switch doesn't really work. In February, it took a group of German computer experts less than a month to show that the serial number could be switched back on by remote control, without the user's knowledge. ENCROACHMENT BY STEALTH The PSN is one more warning that, as we move to an all-electronic society, current concepts of personal privacy may well disappear within a generation. A hundred years ago, US Supreme Court justice Louis Brandeis coined his definition of privacy as ``the right to be left alone''. Brandeis would not recognise the lives we live now. The scale and power of the information now in the hands of governments and corporations would be beyond his comprehension. Children of this generation will never know what it is not to be recorded on dozens of electronic registers, increasingly linked to each other whether they like it or not. One day, their own children may ask them what ``privacy'' was. In Australia, Europe, the US and other nations, plans for integrated central government databases such as the Australia Card system have been fought off. With the worrying exception of the US, privacy commissions have been created by states and governments to control personal data, especially in the public sector. But their efforts to protect privacy are continually threatened by new technology. While controls have been placed on public-sector personal details such as tax files and Medicare records, the private sector is quietly amassing a mountain of routinely collected personal data. And both legally and illegally, that information is for sale. Many of us know that information is being collected, but we seldom realise how, when, or how much. We are irritated or puzzled when personally addressed junk mail fills the letterbox. Much of it is the result of data-matching, the automatic merging of information from multiple sources to build an individual's socio-economic profile. Spending on credit or debit cards, financial transactions, the time and destination of every phone call and e-mail are recorded. Supermarkets record every item bought by customers using discount cards. EVERY STEP YOU TAKE Mobile phones, which will soon incorporate high-capacity Internet terminals, are easily tracked around the country through the transmitter-cell networks they link to. Cellular phones continually emit signals to their base stations to indicate where the user is and to determine which relay will best link to his or her phone. This feature has been exploited by police and security officials to build an elaborate population-tracking system. In the first case in which the system was publicised, a murderer in Britain was convicted because the signals from his mobile phone disproved his alibi. A few months later, top goalkeeper Bruce Grobbelaar was accused of accepting bribes to fix a match. Evidence from his mobile phone company was procured in court to prove that he had made a journey out of London for a midnight meeting with a Malaysian businessman. (Grobbelaar was, however, acquitted of taking bribes.) Commenting at the time, William Ostrom, the head of corporate affairs at mobile phone company Cellnet, said: ``We can tell where any one of our mobile phones was, as long as it was switched on, for any time and date in the past two years. It's exactly the same for all four mobile networks in Britain. ``It's something we don't really draw attention to. A lot of people assume that if they don't use the phone, they are safe from detection. That is not the case. We are helping the police with three cases at the moment.'' In a system now in development, the accuracy of the tracking can be refined down to 10 metres. This can be done with the user's cooperation (for example, in the case of someone who has urgent medical needs) or without. A new video format for use on the Internet, called MPEG-7, is designed to include satellite positioning data about where and when the video was shot. The trade in consumer information has exploded in the past 10 years. As soon as information is moved from manual records to fast, online databases, somebody somewhere will try to use the data to track you. Low-cost computing makes it easy to store, analyse and retrieve information in ways that until recently were impossible. Even telephone numbers are becoming standard personal identifiers. They can be linked to other personal details that an organisation may already hold, or to outside sources such as mailing-list databases or reverse telephone directories. In the US, the Acxiom Corporation of Arkansas offers an online service to marketers, based on capturing a customer's telephone number as they call in. By the time a sales adviser is online to talk to them, they have the person's demographic profile on the screen. They can then tailor their sales talk and marketing information to the person's income and family circumstances. Acxiom is one of the new ``global information solution'' companies that offer personal information profiles around the globe. This growth industry is already worth at least $5 billion a year. WATCH HOW YOU GO Government initiatives throughout the world provide a worrying picture of the electronic future. In Britain, which is rapidly becoming the world's most-watched society, it is estimated that there are almost a million surveillance cameras - one for every six people. Some of them are fitted with facial recognition software to identify those whom local administrations have decided are troublemakers. Other British Government cameras, codenamed Glutton, sit on motorways and record and photograph every vehicle that passes by, alerting police if the vehicle or occupants are of interest. On most main roads in Britain, every three kilometres there is a numberplate scanner. Although the scanners were installed to measure traffic speeds and are not as yet linked to a central database, many fear that that will be the next stage. Legitimate reasons will be presented for doing so - tracking criminals, pursuing terrorists, stopping traffic violations. The ``right to be left alone'' will take another nosedive. Melbourne's City Link, due to open in a week, has strict legislative rules that prevent information recorded on its e-tags being passed to other organisations. The exception is the police, who can gain information, but need a written request from an inspector or above. In Russia, under a new regulation called SORM-2, every Internet service provider has been ordered to pipe everything its users do into computers at the local headquarters of the Federal Security Service (FSB), once better known as the KGB. SORM-2 sounds uniquely totalitarian, but the FSB wants little more by way of Internet surveillance than Western nations' security agencies, including Australia's. According to the International Users' Requirements formulated by the International Law Enforcement Telecommunications Seminar (ILETS), government agencies want real-time, full-time access to the Internet, with instant notification of a user's whereabouts. <<text snipped>> Australia has become the first country in the world to make such computer viruses a tool for law enforcement and security investigations. A new law, the Australian Security Intelligence Organisation Legislation Amendment Act of 1999, is set to be passed in the next few weeks. It allows the Attorney-General to issue a computer search warrant to ASIO. Once authorised, ASIO hackers can plant physical or electronic bugs inside target computers. According to former ASIO deputy director Gerald Walsh, who proposed the new powers: ``The introduction of other commands, such as diversion, copy, send, (or) dump memory to a specified site, would greatly enhance criminal investigations.'' Walsh even suggested that, since most modern PCs are fitted with audio systems, they could be turned into listening bugs. He told Canberra that ``the effort should be made so that a target computer may be converted to a listening device ... which may be remotely monitored by means of the telecommunications service''. <<text snipped>> -- Leftlink - Australia's Broad Left Mailing List mailto:[EMAIL PROTECTED] http://www.alexia.net.au/~www/mhutton/index.html Sponsored by Melbourne's New International Bookshop Subscribe: mailto:[EMAIL PROTECTED]?Body=subscribe%20leftlink Unsubscribe: mailto:[EMAIL PROTECTED]?Body=unsubscribe%20leftlink