Just look around. Stop on virtually any sidewalk downtown, crane your neck and scan the rooftops, overhangs, streetlights–any nearby vantage point. If you look hard enough, you’ll see the glass eye of a surveillance camera staring back at you.
Although no full accounting of the number of surveillance cameras in downtown Chicago exists–the New York City branch of the ACLU counts more than 2,400 in Manhattan–an unscientific survey by a reporter walking along West Wacker Drive from Michigan Avenue to Franklin Street, a distance of about seven blocks, spotted 37 cameras mounted on buildings and streetlights.
Chicago’s Office of Emergency Management and Communications operates 14 cameras on Michigan Avenue and Dearborn Street and plans to deploy “dozens and dozens more,” according to a spokesman.
The Chicago Department of Transportation operates about 100, and the Illinois Department of Transportation maintains six in the city and more than 50 in the Chicago area.
The proliferation of surveillance cameras in public areas is one element of what privacy activists claim is the rise of a surveillance state in America.
“The explosion of computers, cameras, sensors, wireless communications, GPS, biometrics and other technologies in just the last 10 years is feeding a surveillance monster that is growing silently in our midst,” wrote Jay Stanley and Barry Steinhardt in January in an ACLU report on “the growth of an American surveillance society.”
“There are no longer any technical barriers to the Big Brother regime portrayed” in George Orwell’s dystopian novel “1984.”
Perhaps not. But there are still barriers nonetheless. Alarmists like to raise the specter of Big Brother constantly monitoring your movements. But next time a security camera gives you the creeps, take comfort in the fact that, in all likelihood, no one is watching on the other end.
What’s less comforting is the series of electronic footprints left in your wake.
“Nobody’s sitting there looking at these cameras,” said Larry Langford, a spokesman for the OEMC, of his agency’s surveillance cameras. Langford said the cameras are monitored only when there is a reason to look–to watch them constantly would be a waste of time and money.
By the same token, the vast amounts of data that we generate every day through credit card transactions, exchanging e-mail, surfing the Web, making telephone calls–data that gets stored away in some database, somewhere–is too overwhelming for anybody to actively monitor to ferret out bad behavior.
Big Brother is not watching you–he doesn’t have time.
But the data is still there.
“People leave a very wide trail as they move through their life,” said Bruce Schneier, a computer security expert and author of the coming book “Beyond Fear: Thinking Sensibly About Security in an Uncertain World.”
It’s all out there
“Remember Sept. 11–within a matter of days, they had [the hijackers’] names, their pictures and where they worked. And that gives you a feel for how much data is available for someone who wants it.”
The information doesn’t end up in one place–you can leave hundreds of footprints in various places throughout the day–and it doesn’t always stick around for very long. But it’s there, and the means of collecting it are proliferating.
We’ve constructed a hypothetical day and detailed the various surveillance networks a person might come across, who collects the data, what happens to it and who gets access to it.
8:02 a.m.–You’re driving into work from the north suburbs. At the Edens Spur toll plaza you slow down and ease over to the left lanes. Like more than 900,000 other users of Illinois highways, you have an I-Pass transponder mounted on your rear-view mirror.
The Illinois State Toll Highway Authority records the date, time, location and identity of the owner each time a transponder passes through any of the 58 toll plazas outfitted with the I-Pass system.
The authority stores that information in a database for two years, making it a detailed record of the daily movements of nearly 1 million people around northern Illinois. A spokeswoman said that the authority saves the data only to comply with state record-keeping regulations, and that it does not share it with anyone–even other government agencies–without a subpoena.
But the “transponder agreement” that I-Pass subscribers must sign isn’t quite so strict, and it makes no mention of subpoenas. “[Y]ou acknowledge . . . and expressly understand,” it reads, “that the use of the I-Pass transponder may be monitored by ISTHA and/or other government agencies.”
And subpoenas can be had. The authority has handed over I-Pass data at least 18 times to local prosecutors, the FBI and other agencies, according to the spokeswoman. In one instance, a divorce attorney obtained the I-Pass data of his client’s wife in a bid to argue that, because she was coming home late from work, she shouldn’t gain custody of the couple’s child.
9:16 a.m.–You walk into your office building. To get in, you must insert your work ID badge into a card reader, which records the time you got to work. Policies vary wildly from company to company, but in almost all cases, that information is stored for some period.
“The cards for me are strictly for security use,” says a top security officer at a major Chicago firm who asked not to be identified (few corporate security experts would talk on the record about their practices). “I suppose there are some companies that use it [to monitor their employees’ movements]. If you’re going from area to area within your building at 10 p.m., it’ll show that.”
9:45 a.m.–You check your work e-mail. According to a 2001 study by the Denver-based Privacy Foundation, 14 million employees are under some sort of e-mail surveillance–and that number has surely grown in the last two years. It is relatively easy for companies to engage in real-time monitoring of ingoing and outgoing e-mail. Clearswift, for instance–a software company that counts AT&T, General Electric and NATO as customers–makes a program called MIMEsweeper that, among other things, can conduct “advance text analysis in message headers, subject line, body text and attachments for keywords, phrases, and . . . expressions” in all messages going in or out of a firm’s e-mail servers, according to the company’s brochure. It’s up to your boss to determine which words to search for.
But your employer doesn’t need special software to keep track of your e-mail messages. In almost all networks, every ingoing and outgoing e-mail message is stored temporarily on a server. Even if you erase a message from your computer locally, it’s a simple matter to configure the network servers to preserve messages for 30 days, 90 days or forever.
12:37 p.m.–You get cash at an ATM. Your picture is recorded, along with your name and transaction details.
12:45 p.m.–Walking down Michigan Avenue after lunch, you pass through the field of vision of dozens of private and public security cameras. What happens to the images captured by private cameras varies depending on the owner. Videotape cameras typically record on a loop, recording over and erasing old images every 24 or so hours. But the advent of digital cameras has made it much easier to store footage for long periods. In fact it is easier, said computer security expert Schneier, to store such data than it is to throw it away.
“It can be stored forever,” said the top Chicago security officer. “If someone says, `You know, two weeks ago, I saw a really strange car that looked like it was casing the building,’ you could pull it up.”
Typically, the officer said, companies keep digital surveillance footage on file for 30 to 90 days. “Within a month,” he said, “you should know if there have been any exceptions–if someone got mugged in the parking lot.”
Digital camera technology has also paved the way for the use of facial recognition software to identify passersby. Although a widely noted attempt by Tampa police to use the technology to spot fugitives in the Ybor City district using overhead surveillance cameras was considered a failure–the software works best with a clear, frontal image of the face–it is increasingly used in airports, malls, sporting events and other situations in which a clear image of the face of anyone entering an area can be had.
The market research firm A.C. Nielsen, for instance, has patented a system for retail stores that would capture your image as you enter the store, recognize you at checkout and remember your past purchases every time you enter the store. You could pay anonymously, in cash, and the system would still know it’s you.
1:30 p.m.–You catch the “L” to meet a friend on the North Side. As you enter the Clark and Lake station, you pass your Chicago Card in front of the card reader. As you do, the CTA records the time, date, location and unique serial number of the card that was used. If, like 94 percent of the 16,784 people who have purchased Chicago Cards since their launch in December, you’ve registered your card with the CTA (if you register, you can replace lost cards), then the authority can correlate you to your card’s activity.
That information is stored in a CTA database. A spokeswoman declined to say how long it is kept, but said the authority doesn’t share the data: “That information is private and there would have to be a subpoena for that information to be released.”
5:45 p.m.–You stop off at a Jewel grocery store on the way home. At the checkout counter, you hand over your Jewel Preferred Customer Card–one of the “loyalty cards” that you signed up for to receive discounts on certain items. Of course, in return, you give the store the capability to keep track of everything you buy.
Policies vary widely among supermarket chains, but everybody retains the data for some period.
“They keep all this data for maybe six months, or a year,” says Michael Garry, the technology editor for Supermarket News. “It loses its value pretty quickly. Two years at the most.”
But for those two years, your grocery lists are not inviolate.
“They are routinely subpoenaed for use in civil and criminal cases,” says Katherine Albrecht, an activist who founded CASPIAN–Consumers Against Supermarket Privacy Invasion and Numbering –to oppose the proliferation of what she calls “retail surveillance.” Albrecht points to the case of an Arizona drugstore that handed over records of one customer’s purchases of plastic baggies to the Drug Enforcement Agency, which was seeking evidence that the customer was dealing drugs.
6:15 p.m.–Back on the road, in a rush to get home, you see a yellow light ahead. You check the intersection–no cars, no cops–and step on the gas, running the light. You didn’t notice a flash of light as soon as you hit the intersection, but two weeks later you get a ticket in the mail. Red-light cameras, which are used widely in San Francisco; Fairfax County, Va.; and other municipalities to nab hasty drivers, are coming to Chicago. Two cameras are being tested–at Peterson and Western Avenues and at 55th Street and Western–in advance of a pilot program to place them at intersections citywide.
10:31 p.m.–At home, you turn on the television. Like 624,000 other Americans, you subscribe to TiVo, the digital video recording service. The TiVo unit records every input you make into the TiVo remote control, from what channels you surf to the volume levels, as well as the specific programs you watch. Every night while you sleep, the TiVo automatically dials up a server at the company’s headquarters and transmits the day’s viewing history–everything you watched on television–to a database.
TiVo’s privacy statement says that the detailed viewing data is kept anonymous and the company employs what it describes as “a very sophisticated mechanism” to ensure that the viewing information can’t be linked to the identity of the viewer.
But according to an exhaustive study of the way TiVo operates by the Privacy Foundation, the viewing information is transmitted with a unique serial number that can be linked to a customer’s account. “[T]he home viewing information,” the report said, “can only be truly anonymous when TiVo headquarters intentionally treats it as such.”
