DailyDirt: High-Flying Balloons FTW! (Too Much Free Time)
As body cameras become the new normal in policing, there's been a significant amount of pushback from the law enforcement community. There is some natural resistance from certain police officers -- the same ones that probably resisted being saddled with dash cams and audio mics.
Generally speaking, though, it hasn't been the rank-and-file or their superiors making the most noise. Instead, it's been their supposed representatives: police unions. The heads of these groups contend that cameras will make it tougher for cops to do their jobs by distracting them, forcing them to second-guess their actions, and possibly causing camera-shy eyewitnesses to withhold information.
The most curious contention is that these will only be used to nail cops for wrongdoing. More than one police union official has called body cameras "gotcha" tools. Apparently, police brass and internal affairs departments have nothing better to do than views hours and hours of mundane footage in order to "catch" cops at their worst.
Completely ignored is the fact that a camera with the power to implicate is also a camera with the power to exonerate. Earlier this year, we covered just such a case, where an officer's body camera caught an arrestee in the act of concocting a sexual assault story in hopes of walking away from a DUI arrest.
Deja vu. (via Popehat)
On Nov. 8, a KCSO deputy pulled over Margaret Ellen McElhinny under suspicion of driving under the influence.Some of the body camera footage can be viewed at WBIR's website. (I'm sorry... will be viewed. AUTOPLAY in effect.) The body cameras caught what the dash cams couldn't.
Three other deputies came to the scene. During the stop, they began to question her.
McElhinny later accused one deputy of fondling her once she left her car for a sobriety check. Three of the four deputies wore body cameras, including the one she accused.
Investigators reviewed the recordings from the body cameras and found the deputy in question did nothing wrong.
"This allegation was said to have taken place at the side of the vehicle. Prior to body cameras, we would have had no video at the side of the vehicle. We are very pleased with what we have right now," said [Knox County Sheriff's Office Administrator Lee] Tramel.Would the unions (and others) protesting these tools of accountability rather have seen a sustained (but bogus) complaint possibly harm the career of an officer who did nothing wrong? Is this the sort of sacrifice they're willing to make to ensure police accountability remains minimal? If so, it's yet another example of why police unions are viewed as saviors of bad cops rather than true representatives of the rank-and-file.
A kind of communications data, an ICR is a record of the internet services a specific device has connected to, such as a website or instant messaging application. It is captured by the company providing access to the internet. Where available, this data may be acquired from CSPs by law enforcement and the security and intelligence agencies.That definition, by itself, seems somewhat self-contradictory, but we'll leave that aside for now. Adrian Kennard, the head of a small UK ISP, Andrews & Arnold, has filed some comments highlighting how technically clueless this idea is:
An ICR is not a person’s full internet browsing history. It is a record of the services that they have connected to, which can provide vital investigative leads. It would not reveal every web page that they visit or anything that they do on that web page.
The explanatory notes, and one of the clauses in the bill, make use of the term “Internet Connection Record”. We are concerned that this creates the impression that an “Internet Connection Record” is a real thing, like a “Call Data Record” in telephony.From there, it goes even further, pointing out that the justification for needing these non-existent ICRs was a statement from UK Home Secretary Theresa May about how useful such info would be in finding a missing girl:
An ICR does not exist - it is not a real thing in the Internet. At best it may be the collection of, or subset of, communications data that is retained by an operator subject to a retention order which has determined on a case by case basis what data the operator shall retain. It will not be the same for all operators and could be very different indeed.
We would like to see the term removed, or at least the vague and nondescript nature of the term made very clear in the bill and explanatory notes.
"Consider the case of a teenage girl going missing. At present we can ask her mobile provider for call records before she went missing which could be invaluable to finding her. But for Internet access, all we get is that the Internet was accessed 300 times. What would be useful would be to know she accessed twitter just before she went missing in the same way as we could see she make a phone call"Except, as Kennard points out, that's not how the internet actually works. You don't "connect" to Twitter like that, because you're constantly connected to Twitter:
...in yesterday’s meeting I, and other ISPA members immediately pointed out the huge flaw in this argument. If the mobile provider was even able to tell that she had used twitter at all (which is not as easy as it sounds), it would show that the phone had been connected to twitter 24 hours a day, and probably Facebook as well. This is because the very nature of messaging and social media applications is that they stay connected so that they can quickly alert you to messages, calls, or amusing cat videos, without any delay.This seems like a rather important point: the people who put together the Snooper's Charter for spying on the internet don't seem to understand the first thing about how the internet actually works. And yet we're supposed to give them sweeping powers to spy on it? How does that make any sense?
It should be noted that it is quite valid for a “connection” of some sort to last a long time. The main protocol used (TCP) can happily have connections for hours, days, months or even years. Some protocols such as SCTP, and MOSH are designed to keep a single connection active indefinitely even with changes to IP addresses at each end and changing the means of connection (mobile, wifi, etc). Given the increasing use of permanent connections on mobile devices, it is easy to see how more and more applications will use such protocols to stay connected - making one “internet connection record” which could even have passed the 12 month time limit by the time it is logged.
Connections are also typically encrypted and have some data passing all the time, so it would not be practical for an ISP, even using deep packet inspection, to indicate that the girl “accessed twitter” right before she vanished, or even at all (just that there is a twitter app on the phone and logged in).