Sunday, August 26, 2007

Law Enforcement’s Latest Stoolpigeon: Your Laser Printer

Whether you know it or not, almost all color laser printers manufactured in recent years have an important feature not listed on the box: a unique identifier. Much like the MAC address on network cards (covered in more depth in another posting), your laser printer is unique. Since most things of value that we buy have serial numbers, this might not seem so concerning; our cars have a VIN etched in several places, but no one is saying cars are giving up their privacy. That is where the analogy ends, though. The reason is that your laser printer has a technology in it called “Docucolor” (clearly the people who came up with this name aren’t beating Saatchi and Saatchi away from their door with job offers). Docucolor uses a matrix of extremely hard-to-see yellow dots to identify the printer; from these dots, the printer’s serial number can be recovered. Since color laser printers are sold through only a few channels, tracking down the person who purchased the printer (usually with a credit card) is fairly easy.

Why is this technology there? In the first place, it was placed in color laser printers because their quality has gotten so good that the Secret Service (the part of the government responsible for protecting the Treasury as well as our officials) was worried that counterfeiters could simply print money. To be able to trace such activity, they had Xerox install this technology. It should also be noted that popular image editing software also inhibits counterfeiting by examining the images loaded into it; if an image looks too much like currency, the program won’t allow its scan/import.

So the roots of this seem valid enough; the problem is that once the technology is out there, it is that much easier for those who can trace this information to remove the anonymity of those who have made printouts. What makes it more nefarious is that it is done surreptitiously, so people do not know that there is identifying information in their printouts. Imagine what the outcome would have been if the Dunlap Broadsides had identified which of our founding fathers signed that treasonous declaration that helped launch this great nation.

As a practical matter, if you are worried about being traced through a laser printer, I would suggest using an inkjet printer (they are pretty disposable these days). Since Docucolor applies a date stamp, users should consider that using public printers (universities, workplaces, print shops such as Kinko’s, etc.) will most likely create a record of your printing through security cameras. It’s also possible that between security cameras and your payment record (unless you pay cash), you may provide a way to identify yourself when you are making these printouts.

Sunday, August 19, 2007

Hiding in Plain Sight: Security by Obscurity is Poor Strategy

Though some of you may not have heard the phrase “Security through Obscurity”, you probably know exactly what I’m talking about. For those who need a more lucid example, allow me to provide one. You may figure you will not end up on any spam email lists if you don’t give out your email address to anyone but friends. You might also think that if you post some pictures of a party you went to online (or a video or a blog), no one will find it, and that it is effectively safe just by being lost in the mountains of other information that is out there. This notion has some historical relevance, since it allowed the publication of anonymous fliers (think Common Sense and the Federalist Papers) as well as avoiding government (or private) persecution of individuals (think of trying to track everyone in a civil rights march). In short, blending into a crowd, or hiding among others, provided a sufficient level of privacy for most people.

I would hypothesize that the privacy hinted at several times in the Bill of Rights was in the minds of our founding fathers. Few people of the time could have foreseen the information revolution, and thus a sufficient amount of protection was provided by blending in. Of course there are negative connotations to this as well (the person who throws a rock from a crowd or fires a shot). The change comes when you have ways to aggregate that information: the assumed level of security disappears. Searches online can find users’ blogs, and face recognition software will soon allow you to search for pictures of people based upon other pictures or tags that have been applied to the photos. Spammers use automatic email name generation and “web bugs” (to be discussed in another posting) to find your email address even if you never gave it to anyone.

The takeaway from this is simple: don’t assume unprotected information is hidden. Marijuana growers thought they were safe using grow lamps within their homes until Mr. Kyllo found out that the police had something called a thermal imaging camera that let them see what was happening in his home. Search engines allow people to look for information that you may have posted (perhaps to an online medical help group). Another example: police now take pictures of protesters in crowds for later review (possibly for archiving as well; in some cases they may just want to take the video that you shot, as in the Josh Wolf case). The bottom line is that new technology will make information aggregation and discovery much easier than ever before. This has significant social implications (both positive and negative), but from a privacy standpoint the takeaway is simple: don’t rely on hiding in a crowd.

Sunday, August 12, 2007

You Are What You Look For – Search Engines And Data Profiling

Recently there was a flurry of search engine companies all touting their changes to their cookie lifetime policies. As Google decided to go to 18 months for its cookie policy, other search providers followed suit or tried to one-up them with shorter retention policies. The thing to understand here is that, although this sounds like a privacy win for consumers, it is really something fairly unimportant. Cookies help sites know who you are. This is especially important for sites that hold personally identifiable information (PII) on their users. The major search companies all run email services that hold users’ information (both from signing up and in the message contents). Although it is true that people can give false information, the truth is that most people are honest. The new policies say that a year and a half after the last time you visit one of their sites, the cookie that they put on your machine will expire. This means that every time you go to one of that company’s properties, this year-and-a-half timeline gets reset. So what’s the catch here? Well, remember that the majority of advertising on the net (and advertising is the monetization strategy for most of the web) is run by these companies. This means that if you don’t go to Google (or Gmail, Orkut, etc.) for a year and a half, this cookie still isn’t gone, since you almost surely went to a site in that time period that uses Google AdWords (full disclosure: Blogger, where this blog is hosted, is owned by Google). Yahoo and MSN/Live are much the same (though Google has the vast majority of the search and ad traffic on the net). So although in theory there is a way for this data to go away, in reality it is quite unlikely that it will. Also, remember that a cookie is just an identifier; the real information on you is stored on the company’s servers.
This means that if you choose to delete your cookies (all browsers have this option, and most can even let you block them), your information is still tracked, since the next time you visit one of these sites the cookie will be put back on your computer. The real key is what happens with the information.
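As an added illustration (constructed for this post, not code from Google or any other search company), here is a small Python model of the sliding cookie expiry described above: every hit that reaches the ad network, whether on its own property or via ads embedded on another site, re-issues the cookie with a fresh 18-month expiry, and clearing cookies only discards the browser’s copy while the server-side profile stays. The network class, site names and visit histories are all assumptions.

```python
from datetime import datetime, timedelta

# The post's 18-month retention window, approximated here as 548 days (constructed value).
RETENTION = timedelta(days=548)

class AdNetwork:
    """Constructed model of a search/ad company's cookie server (not any vendor's code).
    Profiles live server-side; the cookie is only the key into them."""

    def __init__(self):
        self.profiles = {}   # cookie id -> list of (timestamp, site) observations
        self._next = 1

    def serve(self, cookie, now, site):
        """Handle one request that reaches the network: a visit to its own property or
        to a third-party page that embeds its ads. Either way the cookie is re-issued
        with a fresh expiry, so the retention clock slides forward on every hit."""
        if cookie is None or cookie["expires"] <= now:
            cid = f"id{self._next}"        # no live cookie: mint a new identifier
            self._next += 1
        else:
            cid = cookie["id"]
        self.profiles.setdefault(cid, []).append((now, site))
        return {"id": cid, "expires": now + RETENTION}

def simulate(visits, clear_cookies_at=None):
    """visits: (datetime, site) pairs in time order, each a page that reaches the network.
    clear_cookies_at: moment the user deletes browser cookies, or None.
    Returns (sorted list of distinct cookie ids issued, server-side profiles)."""
    net, cookie, cleared = AdNetwork(), None, False
    for when, site in visits:
        if clear_cookies_at and not cleared and when >= clear_cookies_at:
            cookie = None    # browser-side deletion only; the server keeps its data
            cleared = True
        cookie = net.serve(cookie, when, site)
    return sorted(net.profiles), net.profiles

# Constructed visit histories (hypothetical sites). ONLY_ADS: one search visit, then
# nothing but third-party pages carrying the network's ads every 180 days.
T0 = datetime(2007, 8, 1)
ONLY_ADS = [(T0, "search.example")] + [
    (T0 + timedelta(days=180 * k), f"news{k}.example/with-ads") for k in range(1, 5)]
LONG_GAP = [(T0, "search.example"), (T0 + timedelta(days=600), "search.example")]
CLEAR_AT = T0 + timedelta(days=400)

if __name__ == "__main__":
    print(simulate(ONLY_ADS)[0])                   # ['id1']: ad hits kept it alive
    print(simulate(LONG_GAP)[0])                   # ['id1', 'id2']: 600 silent days let it lapse
    print(len(simulate(ONLY_ADS, CLEAR_AT)[1]))    # 2 profiles: old data survives the clear
```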

Search/ad companies really aren’t that interested in tracking “you”; they are interested in tracking who you are. They do this not out of some Orwellian desire to observe and control; they do it because it helps them sell more relevant ads to their clients, who pay more money to get their ads shown to the people they want to target. By seeing where you go and what you write in your emails (yes, Gmail does an automated scan of all of your email), these companies can build a profile of who you are and what you are interested in. Much as the old market research companies used to pay people to see what was in their pantry and form customer profiles based on this information, ad companies are now doing the same thing. In and of itself, this may bother people who jealously guard their privacy, but most people seem to feel OK with this. Where this gets more concerning is when these data stores are used for personal tracking/monitoring purposes. For example, assume you want to search for bomb making materials while researching a book, or for child pornography to help the police track down those who take part in such an act. Such systems may be used by the police/FBI to indicate that you are a person who needs to be watched. The analogy would be the same as someone knowing what you buy and what you’re reading at the library. Prior to the USA Patriot Act, such searches by the government were illegal. The reasoning was clear: it was an unreasonable invasion of privacy, and the Constitution forbade such dragnet searches. When information is gathered and tracked, even for innocuous reasons, it becomes a rich target for those who would want to exploit it (FBI records about Republican rivals in Congress “mistakenly” ended up in the Clinton White House (Filegate), and the K Street Project used lobbying donations to pressure political donors into giving only to Republican candidates).
Like many things in the privacy world, it is the aggregation of information, and then the ability of others to access this information, that makes its implications scary. When AOL released a large block of its search data, the implications became immediately apparent.

If you are interested in limiting the information kept about you by these companies, you should think about whether you want to allow cookies from those sites. Furthermore, since IP addresses and MAC addresses can be used to identify a machine, using an anonymizing network, like Tor, would add another layer of protection. There are also a couple of decent articles on hiding your search tracks here and here.

Sunday, August 5, 2007

PEN registers don’t sell PENs

To grasp the way that some internet data is traced today (an issue for a later posting), it is important that we look at the past (and, as it turns out, the present). The past part is the PEN register. A PEN register is a device that was attached to phone company switches and used to record the numbers called and the times those numbers were called. These devices could be set up without a warrant, as they do not record the contents of the call. This was a wonderfully effective tool against phone harassers and organized crime, as well as phone phreakers who would use other people’s calling cards to call all around the world to connect to BBSs (Bulletin Board Systems, the precursor to today’s internet communities). Since courts found that PEN registers were legal because they didn’t intrude on the content of the communications, it can naturally be extrapolated that the same is true for internet traffic (although the courts seem to have been selective in their decisions about which “old” technology the internet relates to, in almost all cases ruling that your internet communications have far less protection than traditional means of personal speech, land-line phone calls, or US mail).

From a privacy standpoint, the connection record of the call (or internet traffic) may still contain information that a user might not want made available (say, if you are a whistleblower calling a reporter or government agency, or you’re someone calling an AIDS clinic or Planned Parenthood, the record might strongly insinuate things, even if those assumptions are incorrect). Because of this, many folks in organized crime (and phone phreaks) began using public phones, since they could always move to another one, which made tracing much more difficult (the equivalent today would be pay-as-you-go cellular phones, though these are monitorable and the records of their calls are kept, so there is still a record; the users of this technology rely on the “security through obscurity” model, and we’ll discuss in the future why this isn’t a great way to protect your privacy). On the internet, people use programs like Tor to obscure whom they are connecting to. This may be of additional concern to people, since Congress passed a bill this week increasing the government’s eavesdropping and snooping abilities.

In other news: Dateline associate producer Michelle Madigan was outed this week while attending the hacker convention Defcon. Apparently she had gone undercover and the organizers didn’t seem to like the idea of someone trying to get attendees to admit to felonies on camera to shock the “folks in Kansas”. Welcome to a strange turn of the previous topic of the conflict between free speech/free press and privacy.