Last, I Hope, Posting on the Prof. Walter Murphy Matter Topics: Security & Insecurity, Privacy & Liberties, TSA, Censorship, Watchlists, Privurity Follow up to:Prof. Walter Murphy's "No Fly" Incident Not Likely to Have Been Punishment for Speech and More on Prof. Walter Murphy, Including His Interview Coming Up Prof. Orin Kerr had pieced together a sequential outline of the Albequerque Airport incident that may be helpful understanding what happened. J.D. Abolins

17.4.07 03:56 Permalink / 1 Comment / comment

Prof. Walter Murphy's "No Fly" Incident Not Likely to Have Been Punishment for Speech Topics: Security & Insecurity, Privacy & Liberties, TSA, Censorship, Watchlists, Privurity There has been a blogosphere spike in posting on the claim that Princeton University Professor Emeritus Walter Murphy had his name on the "No Fly" list because he had given a speech criticising President Bush. The Balkinzation blog's "Another Enemy of the People?" gives Prof. Murphy's description of his airport security experience. I can sympathise with Prof. Murphy concerning the difficulties with watchlists and database hits. But I doubt his theory that his name is on the "No Fly" list is directly connected with his speech or with him himself. It appears to be another wretched SNAFU in the system rather than an Orwellian punishment. As for the evidence for the claim of being punished for his speech, the Balkinization blog entry reports: --- One of the two people to whom I [Prof. Murphy] talked asked a question and offered a frightening comment: "Have you been in any peace marches? We ban a lot of people from flying because of that." I explained that I had not so marched but had, in September, 2006, given a lecture at Princeton, televised and put on the Web, highly critical of George Bush for his many violations of the Constitution. "That'll do it," the man said. " --- If the airport security had said these things, they probably were trying to be "helpful" by guessing the reason for a hit on his name. Ironically, such guessing is not helpful. It assume a direct cause and effect. The checkers would not normally have access to information on how a specific name may end up on the list. I believe Ryan Singel has correctly summarised the situation in his Wired Threat Level blog posting. Singel writes: --- Woe be it for this blog to defend the country's foolish watchlist system, but after having spent more than four years reporting on watchlists, filing Freedom of Information Act requests, and talking with persons flagged by the lists, I have never seen a single case of a person being put on the list for activities protected by the First Amendment. Feel free to drop any proof you might have via email or in the comments. I'm not even certain that in this case Murphy's name matched or was similar to a name on the list - which is what has snagged nearly every David Nelson in the country and what got Senator Ted Kennedy a dose of handheld wanding. In this case, I would guess that Murphy was singled out randomly. He himself says he wasn't flagged on the way back, which he almost certainly would have been if he were on the 'selectee' list. (The 'selectee' list directs airlines to single out that person for extra screening, while a related list, the 'no-fly' list directs airlines to keep a person off a plane.) --- I love Singel's closing point, "The left wants to believe it is living in some version of Orwell's 1984. Threat Level believes that's a fool's prism. Around these parts, we prefer to see the world through a Kafka and Gilliam kaleidescope." Also see Prof. Orin Kerr's good posting at the Volokh Conspiracy blawg (law blog). J.D. Abolins Editted 10 April 2007 to correct Prof. Murphy's status as Professor Emeritus. Follow-up about to be posted 10 April 2007

10.4.07 05:11 Permalink / 4 Comments / comment

User Friendly Comic Strips on Mis-Placed Privacy & Security Concerns J.D. "Illiad" Frazer draws & writes the "User Friendly" comic strips that are more tech geek oriented than Dilbert. UF is one of my favourites and I buy the comics compilation books from O'Reilly. I support privacy as a tool for liberty (rather than an end in itself) and I advocate rational security approaches such as those expressed in Bruce Schneier's "Beyond Fear". Yet there are times when privacy and security concerns are mis-applied in grossly wretched ways. The UF strips of 28 - 30 November 2006 lampooned such wretchedness spot on as encountered by a tech support person. Strip 1 : Strip 2 : Strip 3 (Hint: coffee cup holder = CD drive tray in an classic tech support joke.) Image of the 28 Nov 2006 strip used here per User Freindly FAQ's conditions for Web use. J.D. Abolins

28.12.06 04:55 Permalink / 2 Comments / comment

Expungement and "Public Policy on a Lie" There was an interesting article on how "Expunged Criminal Records Live to Tell Tales" in the Tuesday 17 Oct 2006 New York Times. (Unfortunately, the article has now scrolled off into the paid-access archives. A copy of the article's text can be found on another blog.) Although the article focuses upon the US states' expungement (sealing) of criminal records, the general issues of dealing with criminal records arise in other countries. In the UK, data records problems have resulted in problems for innocent people. Expungement-related data problems in the States are a bit different in that the person affected did have a legitimate record. The expungement granted by a court "seals" the records of arrests, convictions, etc. for most offences if the court deems the applicant to be rehabilitated or otherwise relatively safe. The theory is that the "sealing" of a person's criminal records, including cases where the charges were dropped, would help the person to get reestablished in society by being able to find a job, to get an education, to find housing, etc. The reality of the matter is quite tangled. As the New York Times articles and this good commentary on Paul McNamara's NetworkWorld blog. The traditional criminal records "seals" don't work as copies of the criminal records are now stored electronically, often out of synch, in many locations. Also private records of offences, arrests, and convictions, such as newspapers, have no obligation to expunge or to even note a legal expungement or pardon. Sealing data of any kind is difficult. Better, but still elusive, hopes lie in the interpretation and use of the data. One of the particularly interesting comments in the New York Times articles was one by Margaret Colgate Love, an attorney specialising in pardons and the author of the book Relief from the Collateral Consequences of a Criminal Conviction. (The book, by the way, is an excellent survey of US state laws concerning criminal records and dealing with their effects.) She said that the problems of people being affected by expunged records surfacing in backgrounds are rooted in the nature of expungement. She noted, "It does reveal how perilous it is to build a public policy on a lie.” "...how perilous it is to build a public policy on a lie." This is a profound statement about information handling and public policy!  Not that Ms. Love is seeking a relentless "Les Miserables" pursuit of everybody with a record. Not at all. She is merely noting the fragility of info hiding as a protective measure, especially for categories of records that normally have to be available to many people. It means that other methods of handling the records are needed. Lest one think that these issues apply only to dangerous thugs and low-lifes, the expungement and criminal records cover people who have been arrested and either had the charges dropped or were found not guilty. The records and the potential for job and housing problems can affect people with old disorderly persons charges or ones connected with things such as peaceful protests and civil disobedience. Besides criminal records, Ms. Love's comments apply to certain jurisdiction's handling of other matters, including adoption records. (In New Jersey, the allowance for biological parents identity to be sealed and for the modification of birth records to reflect the names of the adopting parent is major issue as adoptees are concerned about lacking family medical history information and a sense of "who they are".) If public policy is to abandon the "lie" associated with the sealing or back-altering records, it would bring the challenge of how do we all handle the information. Would we write millions of people? Or would the realisation of how many people would be adversely affected encourage a better analysis of the risks and benefits? Would we start looking for positive information about a person just as much as looking for any negative hits? This last one is particularly important as we risk slipping into desiring only inoffensive bland people with no hits in background checks and, thus, lose valuable people. J.D. Abolins

29.10.06 19:31 Permalink / 18 Comments / comment

Jennifer Granick's Great Response to Pogue's "Perspective on Privacy" About two weeks ago, New York Times computer technology columnist David Pogue wrote a perspective on privacy that dismissed various privacy concerns, at moments sounding like Scott McNealy's "You have zero privacy... get over it" slap. (Not that he was all wrong. I recognise some of the common privacy concerns foibles to which he seems to be reacting. Sometime, people quickly rasing privacy objections can sound like a gloomy knee-jerk bunch to techies.) I haven't had time to respond to his column but info tech attorney Jennifer Granick did a nice concise response to some of Pogue's assertions. Thank you Jennifer! I do want to take a moment to comment on one thing in Pogue's "Perspective on Privacy" column. That is a reference to cell phone encryption. He wrote: [-- This all reminds me of a recent e-mail from a reader who wanted to know if it’s possible to get a cellphone that encrypts your conversation so nobody can eavesdrop on the line. This, too, blows my mind. A couple weeks ago, I was riding a commuter train to New York. A lady was loudly talking on her cellphone; that’s nothing new. But although she was holding it up to her ear, she was utterly unaware that she had it on speakerphone. She was broadcasting *both* sides of her phone call to the entire car; the rest of us could hardly stop ourselves from cracking up. Dude: if anyone’s going to eavesdrop on your cellphone calls, it’s not going to be mysterious spies hacking into the cellular network towers. It’s going to be the person next to you on the plane, train or sidewalk. --] He's spot on with the information carelessness and rudeness of many cell phone users. But there are many people who are far more discreet with their communications and even the loud louts have moments when they are alone and making sensitive calls. There are various modes of securing the cell calls in their transmission, including the Cryptophone project. A challenge is having compatible devices on both ends of the communications. The average person may find the general security of cell phone communications sufficient. Some people working with very sensitive matters will seek extra protection. (Such sensitive matters need not be spy cloak & dagger stuff. People working on research & development in highly competitive, cut-throat industries might not take chances.) Side note: Although Pogue was focusing upon the snooping on cell phone calls, cell phones themselves can be use as snooping devices. For example, a techniques that sometimes has been used in business snooping is to leave a cell phone with a silent/no-vibrate call answering setting in a room one wants to bug. Leave and call the cell phone. (Helps not sneeze loudly. ). According to a guide on office espionage techniques, a businessman used this method to listen in on potential clients' conversations about his proposal while he went off to the loo. J.D. Abolins

26.10.06 04:21 Permalink / comment

Prof. Orin Kerr's Paper on Cryptography & Privacy Expectations Prof. Orin Kerr of George Washington University Law School recently posted his 2001 paper on cryptography and the the reasonable expectation of privacy.Given that many people assume that encrypting info automatically grants a higher reasonable expectation of privacy and, thus, more legal protections. But does encryption really accomplish that? Prof. Kerr's answer in somewhat counterintuitive. The paper is The Fourth Amendment in Cyberspace: Can Encryption Create a Reasonable Expectation of Privacy?.[PDF 1.8 Mb] (Connecticut Law Review, Vol. 33, p. 503, 2001) Of course, the legal analysis is tied to the US Bill of Rights and the Fourth Amendment concerning searches and seizures. But, it appears that the paper's exploration of the issues provides insights applicable to other legal systems. Prof. Kerr is responding to a view that cryptography provides a protection from warrantless searches because it is analogous to a lockbox used to store personal papers and providing a "reasonable expectation of privacy". (I won't explore the reasonable expectation of privacy concept here. But I should mention that this common cited standard is getting tattered and needs reexamination. Maybe in another blog posting someday.) Orin Kerr challenges the notion a special Fourth Amendment protection is created by encryption. He states that the Fourth Amendment "regulates government access to communications, not the cognitive understanding of communications already obtained"; once the ciphertext is in plain view, its plaintext is also in plain view for Fourth Amendment purposes. How Prof. Kerr demonstrates this point provides an interesting and thought-provoking examination of various notions concerning cyberspace and the law, of questionable analogies for cryptography  (such as the lock & key) for purposes of legal debate, and more. Although some things have changed in the five years since he first wrote the paper, it still has much of value to say.  By the way, you can read Prof. Kerr's comments on his paper at the Volokh Conspiracy blog. In plaintext, J.D. Abolins

5.9.06 04:04 Permalink / 2 Comments / comment

NJ Court: Don't Run From Cops (Even if the Stop is Unconsitituional) On Monday, the New Jersey ruled a police order to stop must be be obeyed even if the order is unconstitutional. The 6-2 decision upheld the conviction of a man for obstructing a public servant from performing his official functions "by means of flight". This is not the first US court case about charging a person for merely running away from the police. The interesting thing here is the court said that it does not matter if the police questioning or stops are constitutionally sound or not. The focus of this notable decision is public safety. Justice Barry Albin, writing for the majority, said a police order may only be contested in court and not by provoking a chase that could endanger innocent bystanders. Various dissenters claim this decision will create a new category of offences and make it a crime to merely leave a non-arrest police stop. , Frugan Mouzon, a lawyer who argued the defendant's appeal, said, "It actually rules for the first time you can be arrested for walking away from police officers even if those officers had no reason to stop you in the first place." But the decision's emphasis upon dangers to the public from police chases appears to allow a person to walk away from police officers. It is the manner of leaving that makes a difference. (In the US, a key factor for determining if a person is under arrest is whether or not the person is free to leave. I don't see the court overturning that.) The case's listing at the NJ State Judiciary's Web site:  A-52-05 State v. Saleem Crawley (58,340) Where police officers, in response to an anonymous tip about criminal activity, requested defendant to stop and answer some questions because he matched the description provided in the tip, can defendant be found guilty of obstruction for running away? Certification granted:  10/12/2005 Argued:   2/15/06 Disclaimer: I am not an attorney. Do not take my posting as a substitute for competant legal counsel.  Walk, don't run. J.D. Abolins

26.7.06 13:46 Permalink / 7 Comments / comment

[first page] [previous page]  [next page]