Showing posts with label surveillance. Show all posts
Showing posts with label surveillance. Show all posts

Sunday, July 3, 2022

Miami Beach looks like a police state; Ocean Avenue shootings happened anyway

In March, I visited Miami Beach and found it to have the feel of a police state.

Uvalde and the shortly subsequent widely reported shootings happened while I was away from the United States, which was something of a mercy. I didn't have to live through the immediate trauma of it all happening again. But thinking about what happened and what could or should be done, including John Oliver's apt skepticism of the perennial calls to harden school security, caused me to remember my experience in March.

I've always liked Miami Beach. The art deco aesthetic combines with Latin-flavored food, drink, and entertainment and incomparable people watching to provide a unique and memorable experience every time. I had not been there, though, in many years, and I was anxious to see how it emerged from the pandemic.

I had a good time revisiting old haunts, but I found the nighttime police presence downright oppressive. Countless cop cars sat with their blue and red lights illuminated all along Ocean Drive and in Lummus Park. Bright spotlights made artificial daylight in the park and on the beach inside the dunes; paths to the ocean were closed. Surveillance cameras were everywhere, perched upon lamppost after lamppost. It was a police state on steroids. (All photos RJ Peltz-Steele CC BY-NC-SA 4.0.)



I could not imagine what had happened that precipitated such security, and I was inclined to be critical. Then, shortly after I returned home and despite what I'd witnessed, news broke of five separate shootings during the main week of spring break. Authorities declared a state of emergency and imposed a midnight curfew to quell further violence, NPR reported.

I have no great insights as to what is going on at Miami Beach. I can only say that one of my favorite places, a vacation destination in the United States, looks more like a police state than actual police states I've visited abroad. And that didn't avert five shootings.

I don't have the answers, but making more places look like what Miami Beach has become doesn't seem to be one.

Sunday, June 27, 2021

Disputed allegations in malicious prosecution suits against Apple raise data protection issues

Apple Store Osaka (Sébastien Bertrand CC BY 2.0)
A case of identity theft, now the subject of lawsuits against Apple and a security contractor, SIS, in three jurisdictions, seems to have raised an alarm about data protection.  But the case might be more complicated, as the defendants have accused the plaintiff of false pleadings.

Plaintiff Ousmane Bah was a 17-year-old Bronx honors student and permanent resident alien applying for citizenship at times relevant to the complaints.  An acquaintance of Bah's acquired Bah's temporary New York driving learner's permit (ID); it is disputed what Bah knew about the acquisition.

The ID did not have a photo, and the biographical data did not match the acquaintance's in all particulars, such as height.  Nevertheless, when the acquaintance was, according to the complaints, apprehended trying to shoplift from Apple stores in New York, New Jersey, and Massachusetts, he was misidentified as Bah.  Bah was criminally charged, subject to arrest warrants, and repeatedly compelled to defend himself.  The case does not directly implicate the known risk of race discrimination in facial recognition algorithms.  But in Bah’s version of events, Apple's use of facial recognition technology to identify the perpetrator in subsequent incidents gave police a false confidence that the suspect was Bah.

Apple and SIS have filed for Rule 11 sanctions in New Jersey and characterize the complaint in that jurisdiction as fiction.  They rely on discovered communication between Bah and the acquaintance to allege that Bah knew well that he was being impersonated, and that misidentification resulted from the acquaintance’s deliberate deception, not from error on the part of Apple or SIS. 

Media have been quick to seize on the allegations in the initial complaint, which does resonate with extant privacy issues in public policy.  If the plaintiff’s allegations are complete and accurate, then the case speaks to Americans’ lack of comprehensive data protection law.  A data protection regulation like Europe’s, generally speaking, would shift the burdens of fair and accurate identification to the defendants, rather than a victim of identity theft, time and again.

Moreover, if the plaintiff’s allegations are complete and accurate, the case has unpleasant overtones in race and socioeconomic equality.  A mismatch of data between the false ID and the acquaintance's appearance prompts concern that “black” was all the retailer needed to see, and one must worry whether persons of limited means can afford to defend themselves against false charges and wrongful arrest, not to mention the collateral effects of publication of misidentification to third parties, such as employers and creditors.

Bah claims defamation and malicious prosecution.  The complaints at least allege evidence in support of actual malice, which Apple and SIS deny.  Malicious prosecution is usually a claim made against public officials in tandem with civil rights violations, but the tort is viable against private parties who initiate criminal proceedings on false pretenses.  Whether the plaintiff’s allegations hold up, I do not know.  The counter-allegations of Apple and SIS in seeking sanctions in the New Jersey case are biting.

The cases are:

  • Bah v. Apple Inc., No. 1:19-cv-03539-PKC (S.D.N.Y. filed Apr. 22, 2019) (Court Listener);
  • Bah v. Apple Inc., No. 2:20-cv-15018-MCA-MAH (D.N.J. filed Oct. 27, 2020) (Court Listener); and
  • Bah v. Apple Inc., No. 1:21-cv-10897-RGS (D. Mass. filed May 28, 2021) (Court Listener).
Bah is represented in the New York case by UMass Law alumnus Subhan Tariq, '13.  My thanks to Steven Zoni, '13, for bringing this case to my attention.

Friday, October 23, 2020

Canadian privacy advocate deploys anti-SLAPP law in suit by electronic exam proctoring company

John Oliver's Big Coal SLAPP nemesis, Bob Murray, retires

Pixabay by Aksa2011
An IT specialist at a Canadian university is defending a lawsuit against a U.S. tech company over its allegations of copyright infringement and his allegations of infringement of student privacy.

Proctorio is an Arizona-based company offering online testing to academic institutions.  It's similar to ExamSoft, which is used by my law school, the Massachusetts Bar, and other academic and licensing organizations.

Needless to say, businesses in the mold of Proctorio and ExamSoft have taken off since the pandemic.  But these businesses are not without their problems, and their widespread use has brought unwanted scrutiny to their terms of service.

For example, the Electronic Frontier Foundation raised a red flag over ExamSoft in anticipation of its adoption to administer the California bar exam.  Examsoft's terms of service afford the company overbroad reach into the computers of users and, worse, collection of biometric data from studying their faces on screen.  My students have raised legitimate concerns about ExamSoft, and I will not be administering a "closed-book" final exam because I share those concerns.

UBC (GoToVan CC BY 2.0)

Related privacy worries motivated University of British Columbia learning technology specialist Ian Linkletter, MLIS, to tweet out the URLs of unlisted Proctorio instructional videos located at YouTube, meaning to make his case that the company is excessively intrusive of student privacy.  In response, the company sued Linkletter in British Columbia for copyright infringement and breach of confidence.

Now Linkletter has filed for dismissal under British Columbia's anti-SLAPP law.  Linkletter told the Vancouver Sun that fighting the lawsuit for just "more than a month has cost him and his wife tens out thousands of dollars."  Read more in Linkletter's public statement of October 16.

B.C.'s anti-SLAPP law was enacted unanimously by lawmakers in March 2019.  Oddly enough, B.C. lawmakers passed one of Canada's first anti-SLAPP laws in 2001, but quickly repealed it over doubts about its efficacy.  I wrote recently about the dark side of anti-SLAPP laws.  Never have I denied that they are sometimes deployed consistently with their laudable aims; rather, my concerns derive from their ready abuse when deployed against meritorious defamation and privacy causes.   

The case is Proctorio, Inc. v. Linkletter, Vancouver Reg. No. S-208730 (filed B.C. Sup. Ct. Sept. 20, 2020) (civil claim).

Bye, bye, Bob

[UPDATE, Oct. 27, 2020. To be clear, I wrote that sub-headline before this happened: "Coal giant Robert Murray passes away just days after announcing retirement" (Stephanie Grindley, WBOY, Oct. 25, 2020).]

In other, if distantly related, anti-SLAPP news, Bob Murray is resigning and retiring as board chairman of American Consolidated Natural Resource Holdings Inc., successor of Big Coal's Murray Energy.  It was a tangle with Murray that turned HBO comedian John Oliver into an anti-SLAPP champion.  And, I admit again, HBO's use of anti-SLAPP law was textbook and laudable after Murray brought a groundless suit against the network.

While I disagree with Oliver over anti-SLAPP, he's one of my favorite comedians and social activists, and definitely was the mic-drop-best live act I've ever seen.  Here are his key Murray Energy treatments from Last Week Tonight.

The first, June 18, 2017, drew Murray's lawsuit.

The second, November 10, 2019, followed up with a paean to anti-SLAPP, wrapping up with a musical tribute to Murray.

Monday, October 5, 2020

U.S. White Paper on 'Schrems II': Emperor still clothed

A new U.S. white paper on data protection means favorably to supplement the record on U.S. surveillance practices that, in part, fueled the European Court of Justice (ECJ) decision in "Schrems II," in July, rejecting the adequacy of the Privacy Shield Framework to secure EU-to-US data transfers.

From the U.S. Department of Commerce, Department of Justice, and Office of the Director of National Intelligence, the white paper suggests that the ECJ ruling was interim in nature, pending investigation of U.S. national security practices to better understand whether they comport with EU General Data Protection Regulation norms, such as data minimization, which means collecting only data necessary to the legitimate purpose at hand.  The paper states:

A wide range of information about privacy protections in current U.S. law and practice relating to government access to data for national security purposes is publicly available.  The United States government has prepared this White Paper to provide a detailed discussion of that information, focusing in particular on the issues that appear to have concerned the ECJ in Schrems II, for consideration by companies transferring personal data from the EU to the United States. The White Paper provides an up-to-date and contextualized discussion of this complex area of U.S. law and practice, as well as citations to source documents providing additional relevant information. It also provides some initial observations concerning the relevance of this area of U.S. law and practice that may bear on many companies’ analyses. The White Paper is not intended to provide companies guidance about EU law or what positions to take before European courts or regulators. 

Armed with this additional information, then, the message to the private sector seems to be, Keep Calm and Carry On, using the very same "standard contractual clauses" (SCCs) that the ECJ invalidated.  Yet if the information featured in the white paper has been publicly available, why assume that the ECJ was ill informed?  (Read more about SCC revisions under way, and their likely shortcomings, at IAPP.)

Unfortunately for the U.S. position, the ECJ opinion was not, to my reading, in any way temporary, or malleable, pending further development of the record.  The white paper comes off as another installment in the now quarter-century-old U.S. policy that the emperor is fully clothed.

I hope this white paper is only a stop-gap.  As I said in a Boston Bar CLE recently, no privacy bill now pending in Congress will bridge the divide between the continents on the subject of U.S. security surveillance.  A political negotiation, which might involve some give from the American side at least in transparency, seems now to be our only way forward.

The white paper is Information on U.S. Privacy Safeguards Relevant to SCCs and Other EU Legal Bases for EU-U.S. Data Transfers after Schrems II (Sept. 2020).