July 11, 2012 | By Rebecca Bowe

Privacy News Roundup: Tracking Customers, UK Snoopers’ Charter, and Drones in Latin America

When Customer Service Gets Creepy

With commercial use of biometrics and online tracking on the rise, emerging customer service products threaten to sacrifice consumer privacy for the sake of convenience and security.

Take, for example, the mobile “solution” a home-delivery services company called Blackbay dreamed up to solve the problem of missed package deliveries in the UK. The company has developed a smartphone app that can utilize social media networks to track recipients’ locations, enabling delivery drivers to zip packages straight to the customer – wherever they happen to be. Upon arrival, mobile face recognition technology could be used to ensure the parcel is delivered to the right person, according to this article.

Although customers could opt in to the tracking, and would be able to specify a time limit for tracing their whereabouts, the concept still raises serious privacy questions about whether this sensitive personal information would be made available to third parties, used for other purposes, or stored by the delivery companies, let alone how private entities and hundreds of delivery drivers would go about securing the data. At the moment, the app is still a work in progress, but Blackbay aims to make it available to courier firms within a year.

Meanwhile, if any package recipients also happen to fly regularly with British Airways, delivery drivers won’t be the only ones tracking them down online. British Airways drew the ire of privacy advocates when it unveiled a new practice of scouring Google images for customer information to create passenger files, purportedly to provide customer service with a “more personal touch.” (Given certain high-profile episodes in the recent history of airport security, this P.R. statement would seem to be ill advised.) A few days after the backlash became apparent, the airline revised its plan, saying it would only track its V.I.P. customers.

Speaking of businesses that take the know-your-customer mantra way too far, Intel just acquired a company that specializes in heartbeat recognition. PC World reports that Intel confirmed its acquisition of the Isreali biometrics company Idesia, which “provides technology through which heartbeats can be used to recognize users on PCs and mobile devices.” (Idesia should not be confused with the Israeli biometrics company recently acquired by Facebook, called Face.com.)

Nathan Brookwood, an analyst quoted in the article, speculated on how the software could be used: "Intel could possibly create a relatively easy sensor that could go into a smartphone or tablet that could monitor the heartbeat," he noted. Apparently, this isn’t the first time heartbeat recognition technology has made the news. And while it’s not expected to be incorporated into Intel processors anytime soon, “Intel has a crack team of processor developers in Israel that could make good use of this technology,” PC World notes.

UK “Snoopers’ Charter” Faces Tough Critics

Nearly a month after the UK Parliament unveiled its sweeping draft Data Communications Bill, increasingly referred to by the shorthand “Snoopers’ Charter,” privacy advocates continue to blast the bill while formal comments stream in to Parliament. The Snoopers’ Charter would broaden the range of data stored by Communication Service Providers to include social media messages, webmail, voice calls over the Internet, and gaming – in addition to emails and phone calls. The data would be made available to various police and intelligence agencies. None of them would need permission from a judge to view details on the time and place, but not content, of personal messages.

Here’s a smattering of responses to the Snoopers' Charter so far:

“The crucial undemocratic element is that the monitoring will be done without the need for the police or agencies to apply for a warrant. No one will know the extent of the monitoring, its effects, nor the conclusions that the authorities may draw from the data. [Home Secretary Theresa May's] bill is, by definition, disproportionate and self-evidently breaches the Human Rights Act's guarantees on the right to a private life.” Henry Porter, columnist, The Observer

"It's not content, but it's incredibly intrusive. If they really want to do things like this – and we all accept they use data to catch criminals – get a warrant. Get a judge to sign a warrant, not the guy at the next desk, not somebody else in the same organization." – David Davis, Conservative MP, speaking on BBC Radio 4's Today program

“Ispa has concerns about … the scope and proportionality, privacy and data protection implications and the technical feasibility. Whilst we appreciate that technological developments mean that government is looking again at its communications data capabilities, it is important that powers are clear and contain sufficient safeguards.” – Internet Service Providers Association, as quoted by BBC News

“By gathering, automatically and for all people, ‘communications data’, we would be gathering the most personal and intimate information about everyone. When considering this bill, that must be clearly understood. This is not about gathering a small amount of technical data that might help in combating terrorism or other crime – it is about universal surveillance and ultimately profiling.” – Dr. Paul Bernal, blogger and Lecturer in Information Technology at University of East Anglia

Meanwhile, as European Digital Rights (EDRi) points out, European Commission Vice President Viviane Reding signaled to the press that the Snoopers’ Charter might be at odds with European Commission’s position on citizen’s rights. The states’ obligation to preserve the rights of the individual and the rights of society as a whole “is a balancing act,” Reding noted in response to a question on the draft Communications Data Bill. “You cannot make them clash.”

The draft Bill will go before a Joint Committee of both Houses of Parliament, and will also be considered by the Joint Committee on Human Rights (JCHR) and the Intelligence and Security Committee (ISC). The Joint Select Committee on the draft Communications Data Bill has issued a call for comments, with a deadline for submissions of August 23, 2012. Now is the time to have your say.

Drones in Latin America

With Mexico’s election results in, it now appears that Enrique Peña Nieto will be the country’s next president, restoring power to the Institutional Revolutionary Party (PRI).  While the political transition raises a host of questions about what comes next, one item in particular caught our attention:

“[Nieto] approves of the continuation of flights by U.S. surveillance drones over Mexico to gather intelligence on drug trafficking, but future missions would be run by Mexico with U.S. assistance and technology, he said.”

Mexico isn’t the only Latin American country where drone flights are occurring. A few weeks ago, Venezuelan President Hugo Chavez announced that his government had started producing unmanned aerial surveillance drones, purportedly to monitor pipelines, dams and other rural infrastructure for defensive purposes. The BBC quotes Chavez as saying: "We do not have any intentions of attacking anybody."


Deeplinks Topics

Stay in Touch

NSA Spying

EFF is leading the fight against the NSA's illegal mass surveillance program. Learn more about what the program is, how it works, and what you can do.

Follow EFF

EFF sued for defamation by patent lawyer behind April's Stupid Patent of the Month, Scott Horstemeyer. https://eff.org/r.jjb8

Jun 3 @ 11:19am

The response to @WarrantCanary has been tremendous. The @firstlook canary is the 50th, and they just keep coming: https://eff.org/r.ytno

Jun 3 @ 10:56am

Europeans' right to leave their Wi-FI networks open to the public hangs on a pending court decision: https://eff.org/r.7jst

Jun 2 @ 4:18pm
JavaScript license information