Photos and privacy: Say cheese!!

I was sat reading my book in a roof top bar in London.   The evening was drawing in and it had been a long day in travelling down to London, walking for around an hour from the train station to the hotel in which I was to be staying, and then getting checked in and settled.

As I sat there reading my book I saw a flash out of the side of my eye, from the phone in the hands of the gentleman sat to my right.    Had he just taken a photo?    Was his phone camera directed at me?  If so why?

As we use our devices more and more, including using them in public, there is an increasing chance of accidentally invading someone else’s privacy, of taking a picture of someone without their permission.   This photo may then go on to be shared on social media.

When I used to work out in the UAE I would often spend holiday periods sat by the beach in Abu Dhabi, and like my incident in London, would quite often feature in the holiday snaps of other people visiting the beach.     These holiday snaps would most likely then get uploaded to Facebook or other social media sites where facial recognition might attempt to tag me in photos that I was otherwise unaware that I was in.   There now was a public record of my holiday activities yet I hadn’t created it and may not even be aware of its existence.

Looking at the above incidents from the viewpoint of the person taking the photo there comes a point where we need to ask permission or to warn people before we take a photo.    This wasn’t the case when our photos had to be developed from film and when sharing was limited to showing friends and relatives the photo album you have gathered.   Now photos are digital and can easily be shared online, copied and even amended and adjusted this has become more important.   The question though is when is it acceptable to capture people in a photo by accident and when should we be asking permission?

From the point of view of the person ending up in a photo we have to ask whether we are happy to end up in someone else’s photo that may be shared.    As professionals would we be happy for photos of birthday party antics being online for people to find?    This leads to the difficult situation of having to speak to people taking photos to question their motives and intended use of images.   This does not generally come naturally to us as it often involves addressing strangers.

The increasingly common use of photography due to the ease of use brought about by high definition cameras built into our mobile phones presents a challenge.    The benefits of taking more photos, more photographic records of events, which are then shared versus the risk to personal privacy.

Do you tend towards the need for privacy or the benefits of taking lots of photos?

As facial recognition, big data and AI improve does this become more of an issue?

Encryption, privacy and public safety

hackerThe internet provides us with freedom to discuss ideas and thoughts, to collaborate and share.   For educators this is invaluable in sharing teaching techniques, resources and also allowing for the discussion of pedagogy and teaching ideologies.   It also allows us to securely purchase goods and services and to share images and video with our friends via social media such that only those we wish to have access to our content will have access.     For organisations it allows secure communication and transfer of files such as confidential or other sensitive business documents even when staff are out of the office travelling on business.    It allows files to be protected through encryption so that only authorized personnel have access.     On a personal level it allows files to be protected from prying eyes for where they are of a personal or private nature.

The above represents the positive side of technology, however technology is a tool and therefore much as a hammer can be used to build things or as weapon of violence, it can be used for malicious and evil purposes as much as it can be used for good.

In particular, the ability for secure communication and sharing of files can be used in planning acts of terrorism.    It can be used in coordinating acts of violence or other criminal activities.   It can be used to prevent police or intelligence services from accessing files which relate to illegal activities.

The above represents a dilemma.   From the security perspective we want the police and intelligence services to be able to access files and streams of communication for the purposes of keeping us safe.    This seems logical and an obvious step in light of recent events in the UK.    The prime minister in her recent speech made reference to how the internet provides a safe space for extremism to grow and how this needs to be tackled.   The issue here is that to do so we need to introduce vulnerabilities into the encryption methods to allow the police and intelligence agencies to have access.    This means that secure access methods become less secure not just for those conducting or planning illegal acts but for all users.   The vulnerabilities that give the police access, may be discovered or breached by criminal or other threat actors.      It’s like adding an extra side door to your house where only the police have the key.    If someone manages to copy the key, someone manages to create a skeleton key or if the police lose the key, then our house becomes accessible to those we would prefer to prevent from access.    The new door represents an increase in the risk to the privacy of home.    A perfect technology example is the recent WannCry ransomware where the source of some of the used vulnerabilities can be traced back to the NSA.    The NSA had discovered the vulnerability and developed tools to exploit it with a view to using it to protect people’s safety however when this leaked the same vulnerability was put to malicious use having a significant impact on the UK National Health Service (NHS) among others.      Any weakening of encryption is going to increase the risk associated with the security of business communications, banking, social networking and any other systems where data is being exchanged using the now weaker encryption methods.

Although giving the police and intelligence agencies the tools to better identify illegal activities and terrorism online sounds an obviously good idea, it doesn’t come without some downsides and risks.

Where is the correct balance between personal and corporate privacy and the ability of national agencies to view and intercept data in the interest of public safety?  

Where does personal privacy end and public safety begin?

 

 

 

 

 

 

Secure communication and sharing to prepare

Easy access to information.

Communication for the purposes of coordination

 

The internet is neutral with no-one exerting control.   It crosses boarders.    So how would it be effectiviely monitored?

If it is monitored then this introduces vulnerabilities to protocals which have security at their heart.   Such vulnerabilities, may become known by malicious actors.  This is a risk.