Why Facial Recognition is Not Limited to Microsoft Governance

[As submitted to the IAPP]

Dear Editors,

I listed constituent objections to Microsoft running up the privacy flag here.

Facial Recognition Technology and other commercialized versions of biometrics were driven by the will of DARPA investors to get their money and mass surveillance intelligence back to the Department of Defense. While I realize this is under-reported, you should understand that the millions of DoD civilian servants, their dependents, veterans and active service members are all familiar with base mandates for use and employment requirements of biometric ID. There is literally a standing army of non consenting Americans who were compelled to use biometrics in public service. Do not underestimate what they have to tell the public about FRT or any other biometric technology.

Whatever this is about, it's not about Julie Brill. When she carried the USG, she was impotent against [Obama’s] NatSec forces, PRISM and violence to 4th Amendment, as FTC head. [So will be all FTC agency heads. This is a principled reason why “privacy” cannot be a consumer matter delegated to the FTC. DoD and DNI overreach and employment of the private sector will continue, as federal contractors. While predictably uncaring anti-personal liberty Berkeley CS grads, local Communitarians standing behind the Lenin statue in Seattle’s Fremont district, DSA lefitists, and Obama “flat earthers” make their nests on mass surveillance, China scraped everyone. Brill, like many Obama supporters, now carries the burdensome voting record of tacit support of his mass surveillance plan. She cannot carry the flag of public trust from those whom she failed in America’s computing contractor. That leaves the very hard policy work to the people who have to live with what Washington State permits as law.]

Sincerely,

Sheila Dean

Imagine a World Where Privacy Law is Enforced…By You.

‘Obstruction of justice’ is also refusing to enforce privacy law when there is a clear and present danger to the public

 

My 2020 weapon of choice is honesty.  To be blunt, this will be, at least, the second Washington State session I witnessed an open secret. Microsoft, a corporation underneath a 20 year consent decree for privacy violations and unfair practice, sent in Brad Smith and his public policy team to write up the privacy law it can live with for the State of Washington.  Of course, the legislation, faithfully chanelled by Senator Carlyle, is a milquetoast privacy placcard to soothe global regulators in Europe and prevent scare of Chinese/Canadian investors away with any kind of law enforcement.

The chair of the Consumer Protection Committee won’t take up  privacy as a consumer protection matter.  The Chair of the House Public Safety Committee indicates corruption by way of corporatism for lack of law enforcement means with toothsome privacy laws like: HIPPA, COPPA, the Drivers License Protection Act and of course, my pet favorite to reign in federally funded mass surveillance, the Privacy Act of 1974. 

“That’s only applies to federal matters, right?”  

Yes, Representative, that’s right. If the State of Washington accepts federal funding for their police work, mass spectrum wireless/ IOT/smartphone surveillance, biometric capture and analysis systems at U.S. borders and anything else usually rubber stamped for appropriations in a CROmnibus package headed for WA State, including traffic cameras, geolocation devices and ALPR … a  United States Citizen may write their Microsoft Federal first party data controller and tell them to stop collection and schedule destruction of their data. Then Microsoft has to do it. Kind of takes the air out of those Q2 projections based on trade transfer mandates and DOD “research” bids.

In a quantum reality where I actually have a reasonable expectation of privacy, Microsoft, and other serial privacy violators underneath FTC conformance orders, would get chased out of Consumer Protection and appropriations offices by capitol security for fear of guilt associations. Government workers would sit around and talk about how the FBI’s malfeasance division actually busted someone they knew, who went to jail for licensing access to siloed public data to third party political actors. The scandal would have displaced several Senators and key members of the US Congress for accepting bribes, gifts and any other kind of persuasion to obstruct justice or enforcement of privacy laws.

The current lawmaking class behaves as if there were no recollection of life before 2007, FISA or the Bush regime’s suppression of US 4th Amendment rights and freedoms. They act as if privacy law was never enforceable. Formerly, so many businesses were utterly terrified of running afoul of privacy law because it was so strong and punitive, with both stiff civil and criminal penalties. 

Now, of course, all we have is non-law enforcement-enforcement from the FTC, who  will whine after protection orders gavell down that, “It wasn’t strong enough!!”  In the meantime,  Salim, Salabim  the CFO for CRIME CORPORATION whips out a magic checkbook and pays The Man. NEXT!!

No. Clearly, there is a breakdown in law enforcement of privacy law. It’s time for jail. It ain’t consumer protection until the CFAA violators who poached the Children’s Hospital credentials from Estonia or Kabul goes to jail and the obese infosec lead, whose keyboard is covered in Doritos powdered cheese and apathy, also serves some time … for not giving a damn.

Did I get it wrong perhaps? Let’s try another scenario then. In this scenario, the risk-analysis team who greenlit COPPA violations for smartphones would get perp walked on the 7 PM news. TMZ  PM edition sports the mugshots of marketing leads who used to work at AT&T and Disney now in jail for not allowing perfectly enforceable law to be their North Star, opposed to licensing the information of 7 year olds to anyone who would pay.

My law enforcement and white collar crackdown fantasy continues as a massive public-private sting soon demonstrates several K Street fixer firms implicated, along with at least 40% of seated US Congress in publican data price fixing, profiteering, extortion, larceny, menacing and obstruction of justice busts.  The scope goes global as Interpol reaches deep into UK leadership, Italy, Israel and China with extradition orders to stand witness and submit records at the Hague for global privacy violation, human rights violations and kleptocratic enrichment.

Then people howling from all violations fill the streets to celebrate the takedown of the Panopticon’s machines. Ribbons and tickertape fill the streets as people manufacture some new Free People’s festival on the spot. Busking DJs and musicians magically show up. Hackey sack and street food vendors flock to the occasion. Local business regulators fold their arms and say, “Meh. We will get them at tax time.” Police and Fire volunteer for overtime pay and point citizens to Waste Management areas where post-surveillance State scrap merchants fight over the City waste, while others take selfies and pose over the junk heap for the Kiss cam on Instagram.  Old radio production engineers show up with tape recording magnets and drills to charge for erasure, so they can retire.  Amen.

 Who knows?  Maybe it can all happen. 

However, today I will ask the God of Personal Justice to please ban companies, still underneath the FTC for privacy violation, from writing law and to withdraw their legislative proposals for “privacy reforms” and then usher in a law era with such enforceable ferocity in both civil and criminal court, no company will be dumb enough to violate it.

 

Why EFF and CDT May Not Advocate for Individual Private Right of Action

Google is suing to funnel individual user remunerations, awarded by courts, to EFF, CDT. Data owners should speak up for themselves now in small claims court.

 

By Sheila Dean

 

For many years, I wondered why Democratic leaning nonprofits like Center for Democracy and Technology (CDT) and EFF, former coalition colleagues in the privacy field, overlooked and entirely ignored the Privacy Act of 1974 in public education efforts against mass surveillance. It represents an important consumer civil right: the individual right to tell the government to stop processing personal data for non-exempt government uses. They kept mum during the entire Obama administration about this law and only filed a mea culpa amicus brief this Summer based on some recent personal rights violations.

This particular right gets down to hairsplitting among judges, like potential Supreme Court nominee, Brett Kavanaugh. Ars Technica reported statements during Kavanaugh’s confirmation indicating he would side with any corporation’s rights to collect mass data on behalf of the government for their unique purposes.  Unfortunately, unless the normative T-mobile or Verizon informs the customer that they may refuse exchanges of personal data to government agencies (such as the Department of Education, NASA, DARPA, the Geospatial Intelligence Agency) by expressly denying consent to share data with them, Kavanaugh would allow businesses and nonprofits to launder consumer consent tacitly to government transactions. This bypass would treat government actors as a 3rd party data processors.  No warrant necessary. That is why the Privacy Act of 1974 and filing a small claims suit is more important than ever.

According to Media Post, data owners were represented in a class action lawsuit involving Google. Google is suing to send remunerations to nonprofits rather than the data owners or users impacted in the case. We never hear about users who never received an award from their position in the case of privacy, until now. EFF and CDT seem motivated by a win to get Google’s largesse funnel to go to their work. It is likely this is not the first or last time you will see a non-profit, like the ACLU, go in for a civil suit win to collect funding for their non-profit work. You will have to wait until Halloween to hear users vouch toward whether they were actually offered their court award or if feral feudal administrators between these non-profits and Google made decisions for their digital serfs. Google, aware of mass scale of privacy violations, changed its corporate classification in 2017 from an Incorporated public company to a Limited Liability Company incorporation (LLC), because of the mounting volume of lawsuits landing on them due to ongoing willful privacy violations.

That is why I am actively advocating and proclaiming that each data owner impacted by a personal privacy violation file a small claims suit against company or nonprofit data license violators. This means, 501c3’s (like the EFF, CDT or the ‘Church of Google’) or 501c4s (like a political party, partisan political campaign, or a Political Action Committee) also can be taken to small claims courts. You can even take your local government to small claims court for privacy violations. You may even file privacy violations claims against the federal government in your local District Court.

This process is given overview in my current work Privacy Is A Spider; A Guide to Rebalance Private Living, Chapter 2: Droping in From Above, currently available for download at Gumroad.com. Companies with history of serial privacy violations won’t stop violating your rights. You have to stop them and make them pay. Small claims has the power to order anyone who has processed against your consent cease and desist. The courts need to see you self advocate with the legal means you have; which is possibly $15 and a court appearance with your local version of Judge Judy.

Each data owner has a private right of action to make each of these companies or entities pay for their violations of your consent rights and to collect any profits made from involuntary exchange your data, whether it is only $74 or $.74.  If you want to win your privacy case, you will have a higher likelihood in small claims court. The political class won’t reign them in quickly.  You have to do it. There is no real privacy movement if you are not making the legal decisions that matter about your privacy.

 

3 STRONG REASONS WHY YOU SHOULD USE SMALL CLAIMS FOR ANY CORPORATE OR NON-PROFIT PRIVACY VIOLATION

  • Build case law history against violators; which mounts against their lobbying efficacy with agencies like the FTC and the SEC.

  • Win the unique knowledge and access to the transactional trade path of your personal information without the mass invasive process of a Superior Court legal case with your name on it.

  • Be awarded profits from the unapproved licensing of your personal information and private data. (This keeps self-involved lawyers at non-profits from collecting awards made on small bill privacy violations.) 

December News Digest: Chapter Release this Winter at Patreon

MOTIVATIONAL MOMENTS

“When you’re going through hell, keep going…”

– Winston Churchill

THE BAD NEWS - YOU STILL LIVE ON A HACKED PLANET

Privacy is a battered area across many forays in our society. I managed to catch the Congressional hearings on the Equifax breach. I heard the head of Equifax (US) say to Congress, “I wonder what are we trying to protect anymore?”

I think that became the most challenging moment for me in 2017, both as consumer and personal data protection advocate.   I realized demoralizing the privacy interests of every individual was someone’s goal. If your opponent couldn’t lawfully achieve that, as if you had no legal recourse or protection from their infringements, they still seek to bombard you, networks and infrastructures with smaller privacy breaches, to desensitize you to the negative effects. Why? To break down your resistance with frustration and demotivation, so you fail to fight back over your personal data property and your privacy.  

Americans are in a double bind, of sorts. We are held underneath a public-private mass surveillance aperture; which won’t relinquish much power back to the individual.  Part of the infrastructure capitalizes on voter information brokerage.  Another part forces or incentivizes private social media to do government surveillance work on the people who feel compelled to use it.  You have an opportunity to use your voice, to direct Congressional leaders to Sunset Section 702 of the warrantless surveillance act, FISA. A bill to renew it has been filed.  There is a lot of fight for you and US privacy rights in that fight.

Every day you wake up you are the Data Owner, not merely the Data Subject, a victim of theft or a serf in someone’s digital fiefdom. 

Grasp this and you have a future to self determine your privacy.

THE GOOD NEWS -PUBLISHING IS HAPPENING!

 

IEEE is releasing 2nd edition of Ethically Aligned Design, Ethics in Action  12/12/2017I contributed to the Consent section.  I also have joined other IEEE data ethics subgroup P7003 –(Addressing)Bias producing content, curating research and being helpful to ethical data standards development.  You can read the ethics production from end-t0-end here. [Updated 2/22/2018] 

'REBALANCE PRIVACY' SLUG-MARATHON 2018.

Yes. So slow.  Good solutions take time.

I have finally found my self-publishing house to produce chapters; which include privacy-accountability hacks, letters and templates to stay organized and to fight back.  The plan is to produce the initiate select chapter around February.  You can purchase directly from this website or my Patreon page.  There is a placeholder live under the 'Authoring' tab for the 2018 release.

Please tell all of your friends. (If your friends have great publishers market skills, send them my way!)

Do you have news or a personal story of how you overcame a privacy infringement?  Please write to me.  I would like to do a feature on you and demonstrate your talent.

Happy Holidays and warm wishes of confidentiality in 2018.

 

Politicized Social Media Platforms [or Why I Dumped Twitter]

“Some” social media accounts are more American than US citizens?

By Sheila Dean

On October 18th, 2017 Twitter joined a small league of American social media companies who decided to monitor naturalized US citizens.  In 2013, Twitter distanced itself from National Security agencies, denouncing NSA PRISM program surveillance of its social media accounts.  So what changed? 

Come to think of it, not much has changed at all. We should readily realize virtually no single social media platform or US media company has consistent integrity conforming to US public Constitutional protections. The general rule is if you have to agree to a Terms of Service agreement to do anything online you are paying with your private data; which may used with or without your consent.

For instance, Comcast believes it has the right to demand the last four of your SSN#. If they never overtly asked you for permission to use the last-4 of your Social Security Number via a customer service rep in the Philippines or Latin America; they have zero right to ask you for it for account verification purposes. If a company asks for the last 4 of your SSN and you never gave it to them in the first place for credit approvals, treat it like a phishing attack.  Hang up the phone and visit a store in person to administrate your account.  

Companies may ask for verification of identity, but they never have the right to use your personal information without your permission. There has to be a specific purpose for the use of your information. For that purpose, they need documented consent. They’re not in a position to really make demands for government mandated identity.

The SSN# is especially sensitive information. It is even more so now due to the Equifax breach. You can ask for a passcode or 2-factor authentication number to be generated for your online accounts.  I have also included an example letter to  help request your SSN removal for customer authorization purposes at the end of this blog. 

CONVENIENCE VS. PERSONAL SOVEREIGNTY

You are in the drivers seat.  If convenience is more important than privacy - keep doing what you’re doing. Just know you are developing media companies’ private data sales kiosk of You; which they do in fact readily sell to any paying government customer who will purchase your information. Media companies like Twitter and Xfinity aren’t picky.

When DHS or the NSA won’t obey US agency legal compliance, neither will media companies.  You can enter in a civil suit to sue both.  You might lose; but you also might win. They brought the Constitutional fight to you.  You didn’t beg Twitter, a social media company, to treat your citizenship like a subjective matter and as a personal speech surveillance tool.

I think the messages from US media companies are pretty clear: US citizens don’t have any observable rights we need to care about.  They may as well be China, Russia or any other totalitarian regime on earth completely forfeited from the value of US Constitutional protections.  We all know there is no US Embassy in Cyberspace. 

Actions at Twitter now work to exclude naturalized US citizens from those who would have lawful protections under the US government.  Both Bush and Obama presidencies put unsecured access to mass surveillance ahead of domestic information security interests.  Trump, who is only informed by precedent, thinks readily some citizens are more protected than others.

When citizens aren’t really citizens in the United States for personal rights in protected speech and 4th Amendment limits, either we are not living in America or America isn’t really a Constitutional Republic with equal protections under the law.  In reality, both of these ideas are parasitic falsehoods hooked up by corrupt interests to siphon off resources of your labor, your money, your family and your freedom.

When a US soldier dies for US Constitutional freedoms and guaranteed rights, they don’t get to pick which citizens get the benefit of their sacrifice.  So no social media company should decide whose US citizenship rights and protections are denied. You are either a US citizen or you are not. If you are, it definitely means more than having someone parse your rights from a corrupt legal ivory tower in Silicon Valley.

So I scheduled deletion of all of my Twitter accounts.

Certain media denizens will decry it’s a “chilling effect”. They think far too much of global online services. Twitter only has the information power you give it. They need you to farm information.  If you stop giving them information, they will develop similar problems to Facebook's “news shortage”.  

US identity is only for approved use by the worthy.

###

 

 

The Assertive Privacy Consumer: Know your opposition

Just like every other conflict, in user privacy conflicts you have to identify and respect your opponents. Sometimes your opponents are only situational.  They have one goal in mind: win in the moment.  In other cases, your opponents are predatory.  They want to deleverage your rights so they have unlimited access and power over even the smallest of your affairs. 

Read more