Technology, Thoughts, and Trinkets

(Source)

It looks like Ontario has managed to do what politicians in the UK have been struggling to accomplish for years. This morning the Liberal government of Ontario passed Bill 85, the Photo Card Act, which will see updates to the identity documents that Ontarians typically carry on their persons. While the UK government has been stymied at every turn by no2id when they’ve attempted to roll out a sophisticated identify card, the coalition and advocacy groups in Ontario that have opposed the inception of drivers licenses that contain biometric data and radio frequency identifiers (RFIDs) have been less successful. While the Conservatives had been expected to speak against the bill, this did not, in fact, happen. My money is that the politics didn’t cash out to oppose it.

I’ll post updates as they arrive, and be putting together a post-mordum report in a few days.

Update 1: CTV has an article discussing the EDLs

(Source)

I’ll be on Gorilla Radio tomorrow around 5:30pm (Pacific) talking to Chris Cook about Bill 85, Photo Card Act, and the New Transparency Project. You can listen at 102FM, 104.3 cable, or online.

(Source)

In the US, several ISPs (e.g. AT&T, Verizon, Comcast) have been testing the effectiveness of using Pando Networks’ own P2P client, which localizes transfered files, to increase the transfer speeds of files while reducing the flow of traffic between ISPs. These tests have demonstrated that Pando’s solution to P2P traffic ‘overwhelming’ network traffic has largely been successful; far less data is passing between ISPs, with a huge portion of the P2P traffic now being contained to the respective ISPs’ networks . DSLreports is concerned that, there may be hidden costs to the roll-out of these technologies. Perhaps individuals will need to pay a fee to enjoy the enhanced speeds. Perhaps this will correspond with a more invasive content analysis system. Maybe there will be blocks put on ‘non-authorized’ P2P clients.

Personally, I expect that P4P will be used to let ISPs compete in the media-content selling business. Imagine: you can get a movie from iTunes in 20 minutes, or in 2-4 from your ISP. Sure, the analysis and filtering that DSLreports notes could be coming, but I have a suspicion that P4p will be used to undermine the current content distributors first, and that other uses of P4P will follow only after that business model/technique is tested.

Maybe I’m being optimistic. Maybe I’m being hopeful.

I should probably know better when thinking about the intentions of major American ISPs. It would likely be a sounder idea to adopt the pessimistic/cautionary stance of DSLreports, and question everything concerning this whole affair.

(Source)

In a recent piece, “Tracking Your Every Move: ‘Enhancing’ Driver’s Licenses at the Cost of Privacy,” I noted that the proposed Ontario enhanced drivers license changes threaten to seriously diminish people’s privacy. These proposed licenses will include a small RFID chip that emits a unique identifier when brought into proximity of a reader - this number is not associated with any personally identifiable information that the provincial government holds, but does (per the Office of the Privacy Commissioner of Canada) constitute personally identifiable information in its own right. The Commissioner’s office, in their whitepaper entitled “Radio Frequency Identification (RFID) in the Workplace: Recommendations for Good Practices”:

An RFID tag containing a unique identifier has the potential to become a “proxy” for an individual when it becomes associated with that individual. In such circumstances, it will become personal information. This would be the case with an RFID-enabled identification badge or uniform. Location data gathered by scanning tags associated with individuals is also personal information (Source).

In addition to radio waves, which have the potential to be used to surreptitiously track individuals without their consent (which I talked about in my submission concerning Bill 85 to the Standing Committee on General Government of the Ontario Legislative Assembly of Ontario), these identity documents will have biometric data imprinted on them. While true that many nations have included biometric identification in their national identity cards, what is so significant in this case is that the Ontario government is absolutely ignoring the comments that are being put forth by the Canadian privacy commissioners, concerned members of the public, opposition parties, and advocacy groups. The absolute lack of attention, given to the potential hazards of the identity documents (especially the risks of data theft and subsequent identity theft) that are being proposed is of deep concern: Ontarians will, ultimately, need these travel documents (or a passport) to cross the border into the US. In light of the significance of these documents for travel purposes, as well as the risks entailed in producing an identity card that emits personally identifiable information without any security safeguards to prevent people from identifying the unique number, it behooves the government to more widely consult with members of the public.

If you want to learn more about the issue, feel free to visit the Ontarians Concerned With ‘Enhanced’ Drivers Licenses Facebook group, or the Canadian Identity Forum website. If you would like to address concerns to the Ontario minister of transportation, you can contact the Hon. James J. Bradley with the information below. Bill 85, the bill that will see these technologies embedded in drivers licenses, will be entering its third reading on Monday, so it’s critical that you contact either your MPP or (preferably) the minister of transportation directly.

jbradley.mpp@liberal.ola.org
Minister of Transportation
77 Wellesley St W, 3rd Flr, Ferguson Block
Toronto ON M7A 1Z8
Tel 416-327-9200
Fax 416-327-9188
Toll Free 1-800-268-4686
TTY 1-866-471-8929

Technorati Tags: biometrics, EDL, Identity, RFID, Surveillance

(Source)
This is going to be relatively brief, just given a lack of time on my part (who knew that take 4 grad courses in a term, plus doing personal research, would be so time intensive *grin*). After reading a post by Mark Goldberg over at Telecom Trends I found out that Bell is planning to provide parents with a feature that would let them limit web content that their kids could view online. Given Bell’s history of using Deep Packet Inspection (DPI) devices to shape bandwidth use, I wanted to see what the technology they were using to prevent children from accessing particular websites.

The Technology
Bell is investing in Unipier Ltd.’s Intelligent Policy Manager (IPM). From the whitepaper (links to .pdf) on this particular piece of technology, we find that:

The Intelligent Policy Manager communicates with traffic and content interception and enforcement systems such as: IP level deep packet inspection systems, HTTP and SIP proxies, messaging gateways and 3rd party access gateways. Using these systems to
forward events to the IPM, allows it to apply policies on these events. In addition, the IPM integrates with various networks, BSS and content enablers in order to carry out specific actions such as: charging, sending messages or reformatting a piece of content.
Unipier’s IPM also integrates with back-end subscriber, partner and device repositories in order to fetch relevant context information.

Given that DPI equipment is already being used in Bell facilities, this means that Bell can leverage their existing infrastructure to integrate with the Unipier equipment to maximally limit their children’s access to particular Internet sites. Assuming that the Bell does not have divergent central networking hubs for their mobile and land-based data traffic (and this is an assumption; I can’t be 100% certain whether this is the case or not), it appears as though the Unipier device will allow a uniform rule set to be used to limit Web access to mobile phone users, regardless of the standard they are using to connect to the ‘net (e.g. EDGE, 3G).

While Bell is presently planning on using this technology in their mobile networks, the Unipier whitepaper suggests that their device can be applied beyond just mobile phones - personal computers can also be subject to the rule-sets the equipment esablishes. Given this possibility, it suggests that Bell could provide this service to their land-based subscribers at a later date as well.

Integration with the Unipier Family
It should be noted that the IPM is the foundation that Unipier’s Intelligent Policy Suite (IPS) sits on. the IPS allows for contextually-based advertising. Recognizing the individuals are unlikely to want to get ads delivered straight to their phones unless they are clearly relevant, the IPS aims to let operators:

…leverage their current network and service assets to achieve a prime role within the mobile advertising value chain. The operator´s unique position allows it to control the advertising real-estate and manage the rich context and usage information of any of its subscribers. By cooperating with advertisers and managing a subscriber-aware, cross-channel advertising campaign, operators ensure efficient and successful mobile advertising services. (Source)

While I don’t want to go so far as to suggest that this is coming to the Bell network (or any other cellular network), the recent attempts by Rogers, especially, to use their DPI equipment to intercept and modify content if they believe that their customers will ‘appreciate’ it, highlights Rogers’ willingness to modify customers’ experiences without their consent. Similar experiences are being found by other ISPs around the world. By integrating technology that allows for the delivery of contextual advertising, Bell is creating a hospitable infrastructure for extending their present revenue streams, all for the ‘benefit’ of the consumer. I remain hopeful that any such implementation would be ‘opt-in’, but have my doubts.

Technorati Tags: Bell, IT, DPI, Unipier