Medical Privacy Under Threat in the Age of Big Data

The Intercept has a good introductory story about Medical Privacy Under Threat in the Age of Big Data. I was surprised how valuable medical information is. Here is a quote:

[h]e found a bundle of 10 Medicare numbers selling for 22 bitcoin, or $4,700 at the time. General medical records sell for several times the amount that a stolen credit card number or a social security number alone does. The detailed level of information in medical records is valuable because it can stand up to even heightened security challenges used to verify identity; in some cases, the information is used to file false claims with insurers or even order drugs or medical equipment. Many of the biggest data breaches of late, from Anthem to the federal Office of Personnel Management, have seized health care records as the prize.

The story mentions Latanya Sweeny, who is the Director of the Data Privacy Lab at Harvard. She did important research on Discrimination in Online Ad Delivery and has a number of important papers on health records like a recent work on Matching Known Patients to Health Records in Washington State Data that showed that how one could de-anonymize Washington State health data that is for sale by search news databases. We are far more unique than we think we are.

I should add that I came across an interesting blog post by Dr Sweeny on Tech@FTC arguing for an interdisciplinary field of Technology Science. (Sweeny was the Chief Technologist at the FTC.)

TSA’s Secret Behavior Checklist to Spot Terrorists

The Intercept has published the TSA’s behaviour checklist for spotting terrorists as part of two stories. See, Exclusive: TSA’s Secret Behavior Checklist to Spot Terrorists. The Spot Referral Report includes all sorts of behaviours like “Arrives late for flight …”. The idea of the report is that behaviours are assigned points and if someone gets more than a certain number of points the suspect is referred to a Law Enforcement Officer (LEO). The checklist is part of a SPOT (Screening of Passengers by Observation Techniques) Referral Report that is filled out when someone is “spotted” by the TSA. A second story from the Intercept claims that Exclusive: TSA ‘Behavior Detection’ Program Targeting Undocumented Immigrants, Not Terrorists.

Islamic State doxes US soldiers, airmen, calls on supporters to kill them

Ars Technical has a series of interesting articles about doxing including an article about how the Islamic State doxes US soldiers, airmen, calls on supporters to kill them . How long before IS starts identifying the Canadian special forces sent to advise in the war in Iraq and Syria. Or … imagine the doxing of drone operators as a form of retaliation.

Doxing and other troll tactics seem to be entering the mainstream. Gabriella Coleman in Hacker, Hoaxer, Whistleblower, Spy writes about Anonymous and their use of various tactics for often admirable causes. She goes further and suggests that trolling may be form of resistance suited to the emerging surveillance state,

Anonymous is emblematic of a particular geography of resistance. Composed of multiple competing groups, short-term power is achievable for brief durations, while long-term dominance by any single group or person is virtually impossible. In such a dynamic landscape, it may be “easy to co-opt, but impossible to be co-opted,” (location 5691 of 8131)

She also sees in Anonymous and trolling the tradition of the trickster. “Trickster tales are not didactic and moralizing but reveal their lessons playfully.” (Location 511 of 8131) It wasn’t long before the tricksters got attacked as the tactics spread. See Dox everywhere: LulzSec under attack from hackers, law enforcement.
The GamerGate controversy showed a much darker side to trolling and how these tactics could be used to bully as much as to resist. The people doxed were mostly women and so-called “social justice warriors” who annoyed certain gamers. Those doxed were hardly the powerful or Big Brother watching us. Now (women) academics who study gaming are being identified. How long before we have to train our graduate students in Anti-doxing strategy as part of preparation for research into games?

Canadian Spies Collect Domestic Emails in Secret Security Sweep

The Intercept and CBC have been collaborating on stories based on documents leaked by Edward Snowden. One recent story is about how Canadian Spies Collect Domestic Emails in Secret Security Sweep. CSE is collecting email going to the government and flagging suspect emails for analysts.

An earlier story titled CSE’s Levitation project: Expert says spy agencies ‘drowning in data’ and unable to follow leads, tells about the LEVITATION project that monitors file uploads to free file hosting sites. The idea is to identify questionable uploads and then to figure out who is uploading the materials.

Glenn Greenwald (see the embedded video) questions the value of this sort of mass surveillance. He suggests that mass surveillance impedes the ability to find terrorists attacks. The problem is not getting more information, but connecting the dots of what one has. In fact the slides that you can get to from these stories both show that CSE is struggling with too much information and analytical challenges.

O’Hagan: The Lives of Ronald Pinn

Thanks to a note from Willard on Humanist I came across this essay in the London Review of Books, Andrew O’Hagan · The Lives of Ronald Pinn (LRB 8 January 2015). The author decided to develop a false identity and “legend” by using the name of a dead person (Ronald Pinn) who was born around the time he was. This was in response to stories about how UK police had been going undercover since 1968 to infiltrate political groups. The police had been bringing identities back to life so O’Hagan decided to try it. In the process he explored a lot of the dark web including ordering drugs from the Silk Road, ordering guns, getting false IDs and so on.

The essay or biography is well written and poignant. Just before ends the legendary Pinn he meets the original’s mother.

‘Oh, Ronnie,’ she said. ‘There was nobody like him.’

Trolling and Anonymous

Useful research is finally emerging about trolling in its different forms. The Guardian had a nice overview article by a professor of business psychologies titled Behind the online comments: the psychology of internet trolls. Researchers at the University of Manitoba and UBC have published an article with the title Trolls just want to have fun (PDF preprint) that found evidence that sadists like to troll. They conclude,

The Internet is an anonymous environment where it is easy to seek out and explore one’s niche, however idiosyncratic. Consequently, antisocial individuals have greater opportunities to connect with similar others, and to pursue their personal brand of ‘‘self expression’’ than they did before the advent of the Internet. Online identity construction may be important to examine in research on trolling, especially in terms of antisocial identity and its role in trolling behavior. The troll persona appears to be a malicious case of a virtual avatar, reflecting both actual personality and one’s ideal self . Our research suggests that, for those with sadistic personalities, that ideal self may be a villain of chaos and mayhem – the online Trickster we fear, envy, and love to hate: the cybertroll. (Buckels, E. E., et al. Trolls just want to have fun. Personality and Individual Differences (2014), http://dx.doi.org/10.1016/j.paid.2014.01.016)

By contrast, McGill professor Gabriella Coleman recently published a book about Anonymous, Hacker, Hoaxer, Whistleblower, Spy: The Many Faces of Anonymous. Coleman also compares the trolling of Anonymous to traditions of the trickster, but is far more sympathetic as she tracks the politicization of Anonymous. About trolling she writes,

Trolls enjoy desecrating anything remotely sacred, as cultural theorist Whitney Phillips conveys in her astute characterization of trolls as “agents of cultural digestion [who] scavenge the landscape, re-purpose the most offensive material, then shove the resulting monstrosities into the faces of an unsuspecting populace.” In short: any information thought to be personal, secure, or sacred is a prime target for sharing or defilement in a multitude of ways. Lulz-oriented actions puncture the consensus around our politics and ethics, our social lives, and our aesthetic sensibilities. Any presumption of our world’s inviolability becomes a weapon; trolls invalidate that world by gesturing toward the possibility for Internet geeks to destroy it—to pull the carpet from under us whenever they feel the urge. (Location 491)

She sees anonymous hacking as one of the ways we can resist the blanket surveillance that Snowden revealed. Anonymous may be the future of resistance even as it emerges from the nasty side of trolling. I can’t say that I’m convinced the ends justify the means, at least when you aren’t willing to take responsibility for the means you employ, but, she is right that it has become a form of resistance for the surveillance age.

Anonymous is emblematic of a particular geography of resistance. Composed of multiple competing groups, short-term power is achievable for brief durations, while long-term dominance by any single group or person is virtually impossible. In such a dynamic landscape, it may be “easy to co-opt, but impossible to keep co-opted,” … (Location 5691)

Adobe is Spying on Users, Collecting Data on Their eBook Libraries

AdobDR4

Nate Hoffelder on The Digital Reader blog has broken a story about how Adobe is Spying on Users, Collecting Data on Their eBook Libraries. He and Arts Technica report that the Adobe’s Digital Editions 4 send data home about what you read and how far (what page) you get to. The data is sent in plain text.

Hoffelder used a tool called Wireshark to look at what was being sent out from his computer.

Sensitive Words: Hong Kong Protests

On Thursday I heard a great talk by Ashley Esarey on “Understanding Chinese Information Control and State Preferences for Stability Maintenance.” He has been studying a dataset of over 4,000 censorship directives issued by the Chinese state to website administrators to do things like stop mentioning Obama’s inauguration in headlines or to delete all references to certain issues. I hadn’t realized how hierarchical and human the Chinese control of the internet was. Directives came from all levels and seem to also have been ignored.

In his talk Esarey mentioned how the China Digital Times has been tracking various internet censorship issues in China. At that site I found some fascinating stories and lists of words censored. See: