ANPR (and WAIT WTF HOLYSHIT? Appelbaum/Farr, FEMEN/Cologne)

QOTD: “I have come to think of positive self-esteem as, in effect, the immune system of consciousness.” — Nathaniel Branden (Canadian psychotherapist, Ayn Rand’s ex)

What we have here is a technology that was developed by the British in 1984. Perhaps no wonder, then, that it’s proven largely useless for preventing actual crime but proven wonderfully effective at tracking and persecuting political protesters for quietly holding up signs at rallies.

I speak here of the ubiquitious-in-less-free-countries Automatic Number Plate Recognition, or ANPR. The fine art of melding image recognition algorithms with a nationwide network of cameras to track cars by their license plates, in real time, everywhere in the country.

With special mobile units to do extra-fine-grain tracking around political protests.

Now, don’t get me wrong. It’s been used to catch terrorists… after they were driving home, despondent that the rally they were planning to attack had been called off for lack of interest, and had been pulled over due to old fashioned police instinct. (The would-be terrorists had been “under observation” by a local counter-terror unit prior to the attack, but those cops had missed all the important signs of the would-be bombing.)

It’s been used to catch people wanted for questioning… after three days and 16 “alerts” in the system, during which time the person had committed a rape and a murder.

But mostly, it looks like it’s been used for somewhat more important tasks: “In a 2008 briefing document, senior officers were instructed to “fully and strategically exploit” the ANPR database for tracking anyone involved in protests…”

Ah, priorities.

Appelbaum seems to have got himself into the center of a bit of hacker drama.

At 22:46 on December 23, 30C3 Lightning Talks coordinator Nick Farr added the below “Lightning Talk” to the page.

(Background: Farr is an institution at many hacker conferences, including the German Chaos Computer Congress and DEFCON. He specializes in the logistics and messy details conference organizers prefer not to deal with.

Personally,[1] Farr is a Catholic, an admirer of former US Defense Secretary and Vietnam War promoter Robert McNamara, and the founder of a hackerspace on the north edge of the NSA-headquartering Fort Meade. His greatest fear is “the breakdown of civilization, which I believe is well underway in many different ways.”

Farr is also currently applying to be a citizen of Germany.[12])

As you can see, the talk[1] promised much excitement:

Title: “@ioerror is our best asset”

Description: “I recruited Jake Appelbaum to work for the FBI in San Francisco in 2001. Since then, he’s been an asset of the CIA and NSA up until 2013. I was fired several months short of retirement this month in connection with the Snowden leaks. I believe the community should know.”

The talk was listed with no speaker name, later changed to “TBA.”

15 minutes later, the description was changed, deleting agency references and dates and claiming the speaker had been fired “on the basis of information given to my superiors by Appelbaum.”[3] Further changes occurred tweaking the grammar.

This is highly unusual — no other talks’ descriptions experienced this kind of interactive editing.

WAS NICK FARR COMPOSING THIS DESCRIPTION PERSONALLY? Or was he just chatting interactively with the speaker?

At 9:49 on December 24, someone pointed this out on Twitter[6], to which Appelbaum reacted within half an hour[7], “Looks like another attempt to slander and libel me. What a load of bullshit.” He would later add, “Sounds like COINTELPRO tactics designed to troll or divide a community with lies.”[8]

By 23:46 on December 24, the page content was reverted and the talk vanished. [5] Presumably this was due to controversy inside the CCC, because at 06:58 on December 25, the speaker policy had been changed from “no curation on content or message” to “non-controversial topics.”[4]

OK, why would anyone do this?

One suggestion is disinformation to distract/defang the Appelbaum et al talk earlier that day on the “Militarization of the Internet,” [11] which Appelbaum has said “will likely need a press conference when we’re finished”[9] and hinted that the explosive reveleations meant he was afraid someone would try and stop it [10].

The other suggestion is that someone, possibly Farr, wanted to get something off his chest.

There’s no way to say. It looks like the talk will not take place. When I originally saw the description, I felt sure it was fake — nobody “on the inside” for real would say Appelbaum had been recruited by the “US Intelligence Community,” they would list the particular agency.

But it turns out they did list the agency. With dates. And if the author was Farr, with his clear ideological and geographical proximity to the US military intelligence complex… I’d have to stamp this one “plausible.”

Anyway, I don’t like this half-stuff, casting suspicions over both Appelbaum and Farr when — I emphasize — the evidence is circumstantial at best. So here’s to hoping the “Militarizing the Internet” talk is indeed so explosive as to make some disinformation-damage-control the more plausible of the two options. And that, rather than being part of the “intelligence community” himself, Farr was just chatting with some sketchy dude.

After all, as Farr would perhaps say, “by their fruits ye shall know them.”

[5] [6]

[9] @jayrosen_nyu I’m not sure – our talk on the last day will likely need a press conference when we’re finished. I’m open to suggestions.

[10] I always love reaching the point in preparing a talk where I am no longer the single point of failure; hooray. #dontdronemebro


[12] First steps towards German citizenship… (@ Consulate General of the Federal Republic of Germany)

Tits and/or GTFO: Just gonna post this without comment.

“ANPR IS A BRITISH INVENTION: created, developed, and tested in the UK. Its first major outing was in 1984, when police scientists set themselves up in a small, unmarked cabin on a bridge overlooking the busy M1 motorway.

The road is one of the country’s most important north-south arteries, running 193 miles between London and Leeds. Inside the cabin, video cameras were trained on every lane of traffic. As cars passed beneath, the cameras captured their registration numbers and sent the data along a cable to a hut hidden a hundred meters away and out of sight of the road, where a computer checked a list of stolen vehicles. This was Britain’s first fully functioning ANPR installation.

“At the moment there is no intention of using it for anything other than detecting stolen cars”, a police spokesperson noted at the time.

Scientists had been working on the system for eight years, but the M1 set-up was the most advanced deployment to date: not only was it capable of tracking moving cars but, using infrared, it could read plates at night.

Concerns about the new technology were raised immediately, including from within the government. A 1984 report for the Greater London Council Police Committee warned that the system made every car a potential suspect and handed policy on mass surveillance to the police. “This possibility in a democracy is unacceptable,” it concluded.

Democratically unacceptable or not, the development of networked ANPR continued.[…]

BRITAIN IS ONE OF THE MOST surveilled countries in the world. Studies put the number of operational CCTV cameras at between two and four million, for a population of 60 million people. The country’s national DNA database holds records on six million people. Telecoms companies are mandated to store logs of all mobile-phone calls and text messages for 12 months, and to make the data available to government at all levels.

In many cities, closed-circuit cameras have built-in loudspeakers that allow operators—mainly local government employees—to speak directly to those they see live on-screen and suspect of foul behavior. […]

One review of 44 separate CCTV studies, published the same year as the House of Lords report, showed that the more than £500 million ($780 million) spent on CCTV in Britain in the decade up to 2006 had produced only modest benefits. The report’s most damning conclusion found that where CCTV was at its most effective—preventing vehicle crime in car parks—the same results could be achieved simply by improving lighting in the parking area.[…]

In July 2013, the Information Commissioner’s Office (ICO), which is responsible for overseeing Britain’s privacy laws, issued an enforcement notice regarding Hertfordshire Police’s use of ANPR around the small town of Royston.

Despite having a population of just 15,000 and a relatively low crime rate, the town was encircled in 2011 by ANPR cameras that record every vehicle that enters and leaves, 24 hours a day. Following a complaint by privacy groups, the ICO ruled that the system had not taken privacy into account, making it a violation of the Data Protection Act. The town’s police force reacted by saying that while they will work with the commissioner, they would continue using the cameras, and monitoring the citizens of Royston, for the foreseeable future.[…]

In 2010, Birmingham City Council and West Midlands Police announced Project Champion, an initiative to combat anti-social behavior and street crime. Over 150 ANPR cameras and almost 50 CCTV cameras were installed in and around the neighbourhoods of Washwood Heath and Sparkbrook. Forty were classified as covert, most likely hidden in trees and walls. The result was another version of the ring of steel, preventing local residents from entering or leaving the area without their cars being tracked.

Washwood Heath and Sparkbrook both have large Muslim populations, and Birmingham councillors were concerned that the program would unfairly target their Muslim constituents and damage community relations. Their misgivings were dismissed by West Midlands Police, who repeatedly said the scheme was in place for public “reassurance” and “crime prevention.”

But in June 2010, an investigation revealed that the £3 million ($4.6 million) camera network had actually been funded entirely by a national anti-terrorism initiative. The object was not to protect local residents: it was to create a “vehicle movement net” that would allow operators to covertly watch potential terrorism suspects.

It was a public relations disaster, and West Midlands Police and the city council were forced to apologize for masking the true intentions of the system. Residents voiced their anger at public meetings, graffiti on local walls declared “you are now entering a police state” and bags were placed over the cameras to prevent them from being used.[…]

Other types of algorithmic investigation are being developed all the time. The police now use pattern analysis not just to see where a car has been, but to predict where it might be in the future. Sometimes this is used to re-establish human surveillance of a target who has slipped the net. It is also used to build a list of potential witnesses to an incident by finding those who regularly travel past the spot in question at a specific time. And then, sometimes, it helps law enforcement decide where to wait if they want to stop a car that has produced a hit on the hotlist.

These techniques show the real key to the power of the ANPR network. It is not merely a group of roadside cameras, and it does not just react to what it sees immediately: it is a vast database of historical movements. Every vehicle it captures is saved, analysed and reviewed. This is what transforms the network from a simple, real-time identification tool into a system of pervasive and algorithmic surveillance.[…]

When dealing with data, it is easy to make connections, which then justifies making further connections. This, in turn, encourages the retention of data for longer and longer periods. The ease of technological analysis makes retention, not deletion, the default option: a subtle twist on the old argument that if you have done nothing wrong, you have nothing to hide.[…]

DESPITE THE ARGUMENTS made in favor of algorithmic collection and analysis, ANPR’s track record is poor. Unlike many other surveillance systems, no major study of its efficiency has yet been conducted, leaving those who support it with a handful of highly-publicised cases where technological intervention was deemed a success.

Yet even in these instances, ANPR’s success is often nothing of the sort. Peter Chapman may have plead guilty to murdering Ashleigh Hall and received a 35 year minimum sentence for his crime, but it wasn’t murder that the police wanted to stop him for. And it wasn’t ANPR that prevented a tragedy in Dewsbury: it was the incompetence of the would-be attackers. They were arrested after their planned strike, not before—and it was because the group missed their target rally, not because law enforcement had intervened. Likewise, their motives were discovered only because their car was impounded for not being insured. This, it turns out, was because they had entered their details incorrectly when buying insurance online.

In fact, Dewsbury was in many ways a failure of surveillance, not a success: Jewel Uddin had actually been under observation by the West Midlands Counter-Terrorism Unit, a joint team of detectives and MI5 intelligence staff. Just five days before the failed attack, a surveillance officer watched him and Khan enter a home store in Birmingham, where they bought the knives they stashed in the back of the Laguna. But nobody was watching earlier in the month, on the day when Uddin and another plotter, their 22-year-old friend Mohammed Hasseen, went on a reconnaissance trip to Dewsbury, nor when they returned to carry out their grisly mission. Internal enquiries by West Midlands Police concluded that everything that could have been done was done… and yet uncovering the intent of Uddin and his conspirators relied on a daisy chain of good luck and coincidence.[…]

After they filed a complaint about the incident, they discovered what had made them of interest to law enforcement: they had attended a series of legal and peaceful protests against the EDO Corporation, an American arms manufacturer that used to supply weapons systems to the United States and Israel.[…]

The Catts are not alone. Another man, who spoke to journalists but chose to remain anonymous to prevent further harassment, says he was stopped more than 25 times by police under a variety of pretences after he had attended a peaceful local protest against duck and pheasant shooting. He finally made a formal complaint after police armed with machine guns pulled him over during an evening out with his wife.[…]

In a 2008 briefing document, senior officers were instructed to “fully and strategically exploit” the ANPR database for tracking anyone involved in protests, or those who had previous convictions for motoring offences, such as drunk-driving.[…]

In contrast to the ANPR database, the social database—one of Facebook connections, Instagram tags, Gmails and much else—is one we have built ourselves, but it does as much as any top-down system to weaken both our expectations and the reality of our privacy.[…]

Consent, the bedrock on which the agreement to be policed is based, is meaningless without comprehension, and comprehension is impossible without visibility. It is only when people are brought face-to-face with the reality of surveillance—as the Catts were, and as the people of Washwood Heath and Sparkbrook were—that they see how their privacy, and their right to be presumed innocent, have been affected.”

%d bloggers like this: