PRIVATE EYES EXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY Inclusive of commentary on the newest technology to hit the city’s streets.

Nandi A. Clarke

DTEM 4440

Professor: N. Cameron Russell

Inclusive of: The Note, The Perspective, The Source

P R I VA T E E Y E SEXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY

THE NOTE 03Brief notation on a number of scholar’s works as well as court cases and news articles within the realm of privacy.

Introduction to privacy, concepts and delving into data protection 04 Creation, Access and Collection; Network Functionality and Privacy; Sources of Regulation 05 Commercial Use of personal data 07 Governance Processing of Personal Information 09 Public Sector: Fourth Amendment and Emerging Technology 10 Encryption, Law Enforcement and Intelligence Gathering (inclusive of article notation) 12 Federal Electronic Surveillance Law 19 Privacy in Places: Privacy in Schools, Privacy in the Workplace (inclusive of annotations) 20

THE PERSPECTIVE 31Assessments based on one’s understanding of given course material.

Position Paper — Encryption, Law Enforcement and Intelligence Gathering 32

Final — Terms of Misuse 34 Proposal 34 breaking down the possible research points into three main categories Outline 35 solidifying the data; three separate categories are created to discuss five required data points Final 41 comprehensive article inclusive of data pulls from a variety of sources

THE SOURCE 54Comprehensive list of all texts and works cited within this compilation.

PRIVATE EYE — EXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY

CONTENT

NANDI CLARKE N. CAMERON RUSSELL PRIVACY AND SURVEILLANCE FALL SEMESTER 2016

On this section, THE NOTE:

There are no experiences that I can think which might be relevant to the course.

This generation is constantly bombarded by new enticing forms of technology and media, and many

use them willingly without even the slightest thoughts of repercussions. For years I have been wary of

social media and all associates, and the wariness has only increased with the creation of movies and

such, created to highlight the issue [not to mention real-life scenarios which don't set the government

in the best light]. Even with this being said, I must admit the concept of privacy in such a digital age is

fascinating, especially given the fact that although we, as a society are immersed in digital media and

such, there is much that is still unknown to the public.

Herein lies the issue.

This section focuses on scholars’ research into the industry of surveillance and privacy and their new

finding in a new world of technology.

Would you knowingly trade information for a bit of convenience?

PRIVATE EYE — EXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY !3

T H E N O T E

INTRODUCTIONS : COURSE POLICIES AND EXPECTATIONS ; INTRODUCTION TO THE CONCEPT OF “PRIVACY” AND “DATA PROTECTION”WEEK 1 (WEDNESDAY, AUGUST 21, 2016

(I) April Glaser, If You Go Near the Super Bowl, You Will Be Surveilled Hard (Wired, January 31, 2016), !

https://www.wired.com/2016/01/govs-plan-keep-super-bowl-safe-massive-surveillance/.

• Note: If you are uncomfortable with surveillance, don't go [anywhere] near the game • Watchers. Coordinated: FBI and local police// viewers: see something/say something • Car tracking. 1 automatic license plate readers (ALPR): reading plate location/time/date ◦ revealing home/work and other information such as romantic relationships • Tracking face/body. over 3000 cameras (just one area) / private security ◦ people register them in police database to make it easier for law to access ▪ FBI working on a large facial recognition database (52 million images/ since 2015) • Tracking phones. fake cell phone towers are set up: known as stingrays// trick phones into linking to them • Processing Location. coordinated with numerous fusion centers ◦ NSA,FBI,local police and citizens//national suspicious activity reporting initiative; see something, say

something

(II) Lois Beckett, How Much of Your Data Would You Trade for a Free Cookie? (ProPublica, October 1, 2014), !

https://www.propublica.org/article/how-much-of-your-data-would-you-trade-for-a-free- cookie.

• Consumer Disconnect: The general public is unaware how important certain aspects of data are in relation to profiles.

(III) Michal Addady, This is the Worst Toy of the Year by Far (Fortune, December 8, 2015), #

http://fortune.com/2015/12/08/worst-toy-year/.

• Mattel's Hello Barbie ◦ Purpose. asks the child questions, then record and transit to a third party// for purpose of improving

speech recognition ◦ Flaw. 1 connecting to any network that includes barbie/ putting info (conversations) at risk// ▪ 2 cloud-based server susceptible to hackers

IV. SIDIS// Article and Courtcase

(I) J.L. Manley, Where Are They Now?: April Fool!, The New Yorker 22 (Aug. 14, 1937), #

http://www.sidis.net/newyorker1.pdf.

(II) Sidis v. F-R Publishing Corp., 113 F.2d 806 (2d Cir. 1940) [ATTACHED] #

• Protection of Privacy

◦ Tort 1. Said person is still protected of guaranteed privacy regardless of celebrity.

◦ Tort 2. Man sued magazine for publishing article stating he was a prodigy. He now wishes to conceal his

identity. No grounds// article had no malice.

◦ Tort 3. Cannot use name/photo of living persons in advertisements without their consent

◦ Tort 4. The articles were untarnished: no lies/no grounds

PRIVATE EYE — EXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY !4

CREATION , ACCESS AND COLLECTION ; NETWORK FUNCTIONALITY AND PRIVACY ; SOURCES OF REGULATIONWEEK 2 (WEDNESDAY, SEPTEMBER 14, 2016

(i) Mannequins With Cameras: Are Your Mannequins Spying on You?, ABC News (Dec. 11, 2012), ! https://www.youtube.com/watch?v=HSDtTxYxpJY.

• [ISEE] retail weapon • uses facial recognition software//takes note: gender/age range/race • made by ALMAX (Italian company) • distinguished by hole in eye

(ii) Watch a Man Follow Target Shoppers and Narrate Their Actions, to Great Effect, Vulture (Jan. 12, 2011), http://www.vulture.com/2011/01/paranoid_prank_at_target.html.

• Man: Jack Vale// the majority of those paying attention to him and getting annoyed are women • note: only 2 men followed/ women stop and stare/ no black people followed

(2) Locate and review Google's Privacy Policy(ies) (currently in effect).

(3) Find Google's Privacy Policy(ies) on the following website and peruse it - https://explore.usableprivacy.org/.

(4) Read: A Brief Introduction to Fair Information Practices, Pam Dixon, World Privacy Forum, https://www.worldprivacyforum.org/2008/01/report-a-brief-introduction-to-fair-information- practices/

Patchwork of Privacy Statutes • Video Privacy Protection [VPP]// protects video rentals/title of movies • Health Information Portability and Accountability Act [HIPAA]// protects medical service providers • The Gramm-Leach-Buley Act [GLBA]//financial • The Family Educational Right and Privacy Act [FERPA]// student records • Children's Online Privacy Protection Act [COPPA]// online service provivder for users under 13 • Freedom Of Information Act [FOIA] • The Electronic Communications Privacy Act [ECPA]// created in 1986

Google Privacy Policy • Dimensions of Privacy

• Collection/Dissemination/Sharing • Storage/Deletion • Retrieval • Use • Authenticating identity

• Note: the company is required to have a policy, but specificity is not a requirement • Can change as they see fit, no notification necessary • Consent based on age

Cookie • short string of data stored on your hard drives • websites store them when visited

Open Data • easily accessible data from the private sector • providing a level of transparency [NYC Open Data]

PRIVATE EYE — EXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY !5

Code of Conduct for Tracking Shoppers by Cellphones • can opt-out • de-aggregated//not associated with name/but keeps info like age and gender • similar to Fair Information Practices

No More Checks and Balances • FindFace "You Face is Big Data"

• app linked to Russian social media. Take a picture, pulls up info and social media profiles. 70% accurate • RFID

• chip within product, prevent shop-lifting • help with stocking/ deactivates with purchase • supply chain delivery/make sure inventory is in stock • convenience

PRIVATE EYE — EXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY !6

COMMERCIAL USE OF PERSONAL DATA : GOVERNANCE REGIMESWEEK 3 (WEDNESDAY, SEPTEMBER 21, 2016) .

(1) Read: Making Your Privacy Practices Public, California Department of Justice (2014) https://oag.ca.gov/sites/all/files/agweb/pdfs/cybersecurity/making_your_privacy_practices_public. pdf. (2) Read: Interactive Advertising Bureau, Privacy Guidelines (2008),

http://www.businesswire.com/news/home/20080224005091/en/Interactive-Advertising-Bureaus- Board-Directors-Adopts-Privacy.

(3) Read: Dwyer v. American Express Co., 652 N.E.2d 1351 (Ill App. 1995), https://epic.org/privacy/junk_mail/dwyer.txt.

(4) Read: Online firm gave victim's data to killer,ChicagoTribune,January6,2002, . http://articles.chicagotribune.com/2002-01-06/news/0201060305_1_pretexting-docusearch-amy-boyer (5) Peruse: The Children’s Online Privacy Protection Rule: A Six-Step Compliance Plan for Your Business, Federal Trade

Commission (2013), https://www.ftc.gov/system/files/documents/plain- language/BUS84-coppa-6-steps.pdf

Privacy and Standards • California Compliance • California has such stringent/high standards that it saves much time to comply with them in the first place//

automatically compliant with everyone • Self-Regulation

• there is the potential for laws/things to be fixed at a faster rate when company regulates itself • Misconception/ Misunderstanding

• understanding different terms explicitly// ex. deleting an account vs. deleting data

The Computer Fraud and Abuse Act • Accessing another's computer without the consent of another

• broad • made to prevent fraud/hacking • could implicate: bg/gf loggin into account//worker using computer outside bounds

FTC - Absent Legislation • various statues protecting certain people within private sector

COPPA [Children's Online Privacy Protection Act] • protects.children under the age of 13 • regulation.public service providers who market to this demographic, under 13 • who enforces it. the FTC

FINAL RESEARCH PAPER PROPOSAL IDEAS LINK NYC • Purpose ◦ free wifi ◦ maps and directories ◦ free phone calls ◦ 911 button ◦ charging ◦ street room (more sidewalk? ◦ announcements • Privacy Collection Data

PRIVATE EYE — EXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY !7

◦ plugging in device ◦ calling history/recording ◦ not even using directly, it still collects data [in passing] • False pretenses ◦ claim of free open service vs. actual implimentation • "USE" ◦ What constitutes use? ◦ by agreeing/using the service, you automatically agree to the terms

PRIVATE EYE — EXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY !8

GOVERNMENT PROCESSING OF PERSONAL INFORMATION : FREEDOM OF INFORMATION ACTS (FOIAS)WEEK 5 (WEDNESDAY, OCTOBER 5, 2016

(1) Watch this unusual FOIA request: https://www.youtube.com/watch?v=9wqEmstfAEc; California man files FOIA request for White House beer recipe !

• Man (Scott Talcoff) filed a petition for white house beer recipe, people signed it • purpose. he wanted to have his own version on tap for a debate viewing party.

(2) Read pages 1-36 A Citizen’s Guide on Using the Freedom of Information Act and the Privacy Act of 1974 to Request Government Records, U.S. House of Representatives Committee on Oversight and Government Reform, ! https://oversight.house.gov/wp-content/uploads/2012/09/Citizens-Guide-on-Using-FOIA.2012.pdf.

The Freedom of information Act • purpose. allows people to request info from federal government, not applying to elected officials • what/types of records. requester may request records of any sort: tapes, map, photography, computer disk

• note: not all records must be disclosed • requesting. precision// have a fairly good idea of what you are requesting (title/time/date) of item. this speeds

up the process • making the request

• make sure the info is not already online • identify which agency has the records/ requests are made to specific agencies • REQUIREMENT. needs to be in writing// letter, email, facsimile. also accepted through FOIA website.

Lawyer not needed • INCLUDE. identify record being sought after, be as specific as possible • add you personal info to make communication easier

(3) Watch: Marcia Hoffman (EFF), How to get your FBI file (t]hrough 21:30 mark), https://www.youtube.com/watchv=5UxMUYu5jTw.

PRIVATE EYE — EXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY !9

PUBLIC SECTOR : FOURTH AMENDMENT AND EMERGING TECHNOLOGYWEEK 6 (WEDNESDAY, OCTOBER 12, 2016) –

(1) Do: Personal Dossier ! Try to find the following information about yourself on the internet from web pages that do not require payment or registration. Only search (1) name and (2) last known address. Try searches from two categories of search engines: (1) Ixquick/Duck Duck Go and (2) Google.

Observation • [searching name solely in Google]

• There were a number of results of the page, none of which pertained to me. Could not find a photo of myself.

• Even with this being said, there was link to a page, Spokeo, which would allow to pay the low price of $.95 to access the name, relatives and address on file for the profile that was looked up. • [upon accessing Spokeo]

• There are 35 people with my name residing in the US, 5 of which are in New York specifically. • The first result, however, was mine; accurate down to the age, address, relatives. There were 2

number listed, none of which I could access without payment. • [searching name and address in Google]

• the fourth link was to a copy of my resume which was uploaded to LinkedIn [which listed all of my eduational history, jobs, email address and such.

• the second link was to a website whois.domain.com • the link didn't so much pertain to me, but it contained information regarding the registration of my

website, Le Livre Noire • the page listed all information without any censor down to the cell number, address. The only thing

off limits was the email, for whatever reason. photo below. • [search using Duck Duck Go]

• the search gave no results leading to my name or profiles, only a map of my address, which I had entered into the search bar

Had it not been for my professional accounts and my website, there would be little to no information available.

(2) Review: The Fourth Amendment, ! https://www.youtube.com/watch?v=atsLAi9j6X0.

Right to Privacy • prevent government from taking home/papers/etc. without [probable cause] • warrant: signed by neutral judge// must be specific, down to the time/place

The Exclusionary Rule • cannot use evidence obtained illegally against person

• controversial • claim - letting a criminal off the hook • keeping police in line so that they do not infringe upon people's rights • actually in favor of protecting the innocent

NOTE: THE INTRODUCTION OF THE LOOPHOLE TO THE FOURTH AMENDMENT// THE THIRD PARTY DOCTRINE The Third Party Doctrine • There is no need for a warrant to get information from a third party. The user already voluntarily has given up this

information. The police/investigator would issue a subpoena

PRIVATE EYE — EXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY !10

• you cannot ignore a subpoena • Loophole to subpoena. data encryption

• The response is to encrypt data. The business can literally say they don't have the information listed as it is encrypted.

(3) Read:Katz v. United States, 389 U.S. 347 (1967) ! https://www.law.cornell.edu/supremecourt/text/389/347.

IRAC: ISSUE.RULE.ANALYSIS.CONCLUSION • Issue. Does Katz have a reasonable expectation of privacy? • Rule. He shut the door of the booth. Since he expected privacy, the police needed a warrant in order to bug the

phone booth. • Analysis. Glass is not to protect the watchful eye, but the unwanted ear. • Conclusion. It was an invasion of privacy.

REASONABLE EXPECTATION OF PRIVACY TEST • Two prong test, testing the level of expected privacy • Subjective Expectation --> What did you think? • Reasonable Expectation --> What does society think?

(4) Judge Kozinski, Digital Privacy and the 4th Amendment- ! http://www.cato.org/multimedia/cato-video/judge-alex-kozinski-digital-privacy-fourth-amendment- rights-0.

[brief bit on companies] • companies referenced: Amazon/Netflix/Google/Facebook • sell your info for targeted ads all done by machine • Google

• Indexing 100% automated// having machine computing is somehow seen as [less pervasive] • supposed sense of anonymity

• Facebook • beacon tracking. tracks user activity/ automatically sends info to friends and contacts/issues when time

for Christmas shopping came about// website update. users forced to privatize all of their information

General public • concerned about privacy/ expect more • but would trade it for convenience • hypocritical. mad about surveillance // still mad when suspicious activity is not detected • Compliance with Fourth Amendment

• issues since the invention of the telephone// tapping the phone line, there is no need to trespass • KATZ1967

• He was in the booth making illegal bets// Violation because the 4th amendment protects PERSON not PLACE • He had a reasonable expectation of privacy when he closed the door. • 4TH Amendment Issue

• issues arise after evidence is already collected//which means a guilty person person • common expectation and general consensus play into the perception and upholding of the fourth amendment • how does the public treat the space?

• OVERARCHING QUESTION: The judge poses the question as to whether the two prong test (gaging the reasonable expectation of privacy test] would still hold up in a tech-based society?

(5) Read: Kyllo v. United States, 533 U.S. 27 (2001), https://www.law.cornell.edu/supct/html/99-8508.ZO.html.

PRIVATE EYE — EXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY !11

ENCRYPTION , LAW ENFORCEMENT AND INTELLIGENCE GATHERINGWEEK 8 (WEDNESDAY, OCTOBER 26, 2016

Federal, state and local law enforcement: Cece, Lauren, Brandon Technologists: Chandler, Nandi Civil libertarians: Shanen, Ella, Kathy Smartphone companies like Apple and Google: Ian, Bora

ENCRYPTION NOTES 1. 8. #encryption American Tech Giants Face Fight in Europe Over Encrypted Data 2. 8. #encryption As encryption spreads, U.S. grapples with clash between privacy, security 3. 8. #encryption Benefits of Encryption 4. 8. #encryption Gigaom | Why 2015 is the year of encryption 5. 8. #encryption Ron Wyden Discusses Encryption, Data Privacy and Security 6. 8. #encryption What is encryption? from WhatIs.com 7. 8. #encryptiondebate STANCE AND NOTES

Stance: Technologist// in favor of encryption

STANCE • preventing law enforcement access • Assignment: 2 pages, single space

• just cite any extra sources used • encryption

• keeping information safe • open • keeping messages secret • Caesar's cypher

• algorithm • key: reader unlocks method • public key. shared with everyone • secret key. SSL and TLS

in interest of the consumer • useful in case of cyber attack • improves trust//physical manifestation of privacy policy

• if the company cannot decrypt it, what is the harm?

competition — keeping audience/ consumers happy • better for privacy if in competition • battle for who is more secure • accessibility/easy of use • versatility of of platform use

• data now has the the ability of being stored in a variety of platforms//encryption of each device, great in the case of lost stolen device

What is encryption? • Protection of the audience// only those who were intended to be the audience are able to access the

messages. • Key features of encryption:

• authentication (knowing the origin of the message)

PRIVATE EYE — EXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY !12

• integrity (pro that what the user is reading is, in fact, the original unaltered message) • non-repudiation (the sender cannot deny sending messages) • The concept of encryption, rather translating messages from their original form goes back centuries;

from earlier examples such as the use of certain non-customary hieroglyphs in order to mask the true meaning of the inscription (Egypt) to Spartans writing classified messages on slim bands of leather which were wrapped around sticks and recently the use of a machine created by Alan Turing which was created to decrypt the cryptographic algorithm of the Enigma Code (though this is a story for another time).

• Three basic components: the original data, which is commonly known as plaintext, the encryption algorithm and a key

• Assurance of the integrity of messages, rather, data in general. The concept of encryption survives to ensure that only those who were the intended recipients of the message can view it. • Symmetric-keys — private — using same key in order to encrypt a message or file. • Asymmetric cryptography — public-key cryptography

GIGAOM | Why 2015 is the year of encryption? • There is a misconception that the companies are encrypting this data and using it for nefarious purposes.

However, this is not the case. They do not have access to the information once it has been encrypted. There are rare cases where the key is list whilst encoding, rendering the message irretrievable. • assimilating to new digital technology in modern time. protection of the consumer.

• The cell phone has become a staple in the home/everyday life. In this society where data and personal information are not commodities, encryption is in the interest of the consumer.

• Improvements to outdated HTTP including compression and ability to withstand more-data transfer, faster speeds (content to browser). There were hopes that this would lead to the entire world wide web to be encrypted, which has not happened. Rather Individual companies have been taking a stance in the matter, Mozilla and Google to ensure that the consumer is receiving the latest in software, and also encouraging website to upgrade to tougher security of risk losing an audience.

PAPER STRUCTURE • One sentence overview. # • New digital technology and emerging media # • #views on privacy and surveillance which are antiquated, it is important to update technology, which is in the

interest of both the consumer and technological companies. • #BRIEF ON ENCRYPTION.

• What is it? • Types?

• DEBATE:!Apple and Google recently started developing and selling encrypted smartphones that cannot be unlocked either by law enforcement or by the companies producing them. • !Should smartphone communications and other content be capable of encryption preventing law

enforcement access? #Technologists: Yes, we should be able to develop encryption technologies even if they prevent law enforcement access to smartphone communications and other content.

• #YES, IT IS IN EVERYONE’S INTEREST • #consumers/audience • #companies (in the eyes of consumers/cannot be help accountable, for lack of better word, in court)

• #GOVERNMENT LOOPHOLES AND OVERSIGHT, loophole to laws, law enforcement surpassing warrants in the interest of obtaining information from the direct source, technology companies. • encryption, saves time and is loophole to getting out of subpoenas, the company can legitimately

state that they do not have access to

PRIVATE EYE — EXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY !13

SOURCE: Why 2015 is the year of encryption

https://gigaom.com/2015/02/28/why-2015-is-the-year-of-encryption/ During a visit to Silicon Valley earlier this month, President Obama described himself as “a strong believer in strong

encryption.” Some have criticized the president for equivocating on the issue, but as “strong believers” ourselves, we’ll take him at his word. Obama isn’t alone; everyone is calling for encryption, from activists to engineers, and even government agencies tasked with cybersecurity.

In the past, using encryption to secure files and communication has typically only been possible for technically sophisticated users. It’s taken some time for the tech industry and the open source community to ramp up their efforts to meet the call for widespread, usable encryption, but the pieces are in place for 2015 to be a turning point.

Last fall, [company]Apple[/company] and [company]Google[/company] announced that the newest versions of iOS and Android would encrypt the local storage of mobile devices by default, and 2015 will be the year this change really starts to takes hold. If your phone is running iOS 8 or Android Lollipop 5.0, photos, emails and all the other data stored on your device are automatically secure against rummaging by someone who happens to pick it up. More important, even the companies themselves can’t decrypt these devices, which is vital for protecting against hackers who might otherwise attempt to exploit a back door.

There is a misconception that the companies are encrypting this data and using it for nefarious purposes. However, this is not the case. They do not have access to the information once it has been encrypted. There are rare cases where the key is list whilst encoding, rendering the message irretrievable.

Of course the protection from these updated operating systems relies on user adoption, either by upgrading an old device or buying a new one with the new OS preinstalled. Gigaom readers might be on the leading edge, but not everyone rushes to upgrade. Based on past adoption trends, however, a majority of cell phone users will finally be running one of these two operating systems by the end of 2015. As the Supreme Court wrote last year, cell phones are a “pervasive and insistent part of modern life.” The world looks a whole lot different when most of those phones are encrypted by default.

assimilating to new digital technology in modern time. protection of the consumer. The cell phone has become a staple in the home/everyday life. In this society where data and personal information are

not commodities, encryption is in the interest of the consumer.

There are two more developments involving encryption which might not make the front page this year, but they’re equally as important as the moves by Apple and Google, if not more so.

First, this month saw the finalization of the HTTP/2 protocol. HTTP/2 is designed to replace the aging Hyper-Text Transfer Protocol (HTTP), which for almost two decades has specified how web browsers and web servers communicate with one another. HTTP/2 brings many modern improvements to a protocol that was designed back when dial-up was king, including compression, multiplexed data transfers, and the ability for servers to preemptively push content to browsers.

Improvements to outdated HTTP including compression and ability to withstand more-data transfer, faster speeds (content to browser). There were hopes that this would lead to the entire world wide web to be encrypted, which has not happened. Rather Individual companies have been taking a stance in the matter, Mozilla and Google to ensure that the consumer is receiving the latest in software, and also encouraging website to upgrade to tougher security of risk losing an audience.

PRIVATE EYE — EXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY !14

HTTP/2 was also originally designed to operate exclusively over encrypted connections, in the hope that this would lead to the encryption of the entire web. Unfortunately that requirement was watered down during the standards-making process, and encryption was deemed optional.

Despite this, Mozilla and Google have promised that their browsers will only support encrypted HTTP/2 connections—which means that if website operators want to take advantage of all the performance improvements HTTP/2 has to offer, they’ll have to use encryption to do so or else risk losing a very large portion of their audience. The net result will undoubtedly be vastly more web traffic being encrypted by default.

But as any sysadmin can tell you, setting up a website that supports encryption properly can be a huge hassle. That’s because in order to offer secure connections, websites must have correctly configured “certificates” signed by trusted third parties, or Certificate Authorities. Obtaining a certificate can be complicated and costly, and this is one of the biggest issues standing in the way of default use of HTTPS (and encrypted HTTP/2) by websites.

Fortunately, a new project launching this summer promises to radically lower this overheard. Let’s Encrypt will act as a free Certificate Authority, offering a dramatically sped-up certificate process and putting implementation of HTTPS within the reach of any website operator. (Disclosure: Our employer, the Electronic Frontier Foundation, is a founding partner in Let’s Encrypt.)

Of course there are sure to be other developments in this Year of Encryption. For example, both Google and Yahoo have tantalizingly committed to rolling out end-to-end encryption for their email services, which could be a huge step toward improving the famously terrible usability of email encryption.

Finally, we’d be accused of naiveté if we didn’t acknowledge that despite President Obama’s ostensible support, many high-level law enforcement and national security officials are still calling for a “debate” about the balance between encryption and lawful access. Even putting aside the cold, hard fact that there’s no such thing as a “golden key,” this debate played out in the nineties in favor of strong encryption. We’re confident that in light of the technical strides like the ones we’ve described, calls for backdoored crypto will come to seem increasingly quaint.

Andrew Crocker is an attorney and fellow at the Electronic Frontier Foundation. Follow him on Twitter @AGCrocker. Jeremy Gillula is a staff technologist at the Electronic Frontier Foundation. Prior to EFF, Jeremy received his

doctorate in computer science from Stanford, and a bachelor’s degree from Caltech.

encryption http://searchsecurity.techtarget.com/definition/encryption

Encryption is the conversion of electronic data into another form, called ciphertext, which cannot be easily understood by anyone except authorized parties.

Download Your Guide to the ISACA CISM Certification Take a closer look at the ISACA Certified Information Security Manager certification, including the value it provides

security professionals, how it compares to other security professionals, and what the CSX program offers • Corporate Email Address: By submitting your personal information, you agree that TechTarget and its partners may contact you regarding

relevant content, products and special offers. You also agree that your personal information may be transferred and processed in the United States, and that you have

read and agree to the Terms of Use and the Privacy Policy. The primary purpose of encryption is to protect the confidentiality of digital data stored on computer systems or

transmitted via the Internet or other computer networks. Modern encryption algorithms play a vital role in the security assurance of IT systems and communications as they can provide not only confidentiality, but also the following key elements of security:

• Authentication: the origin of a message can be verified. • Integrity: proof that the contents of a message have not been changed since it was sent. • Non-repudiation: the sender of a message cannot deny sending the message.

Protection of the audience// only those who were intended to be the audience are able to access the messages.

PRIVATE EYE — EXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY !15

Key features of encryption: authentication (knowing the origin of the message) /integrity(pro that what the user is reading is, in fact, the original unaltered message) /non-repudiation (the sender cannot deny sending messages)

History of encryption

The word encryption comes from the Greek word kryptos, meaning hidden or secret. The use of encryption is nearly as old as the art of communication itself. As early as 1900 BC, an Egyptian scribe used non-standard hieroglyphs to hide the meaning of an inscription. In a time when most people couldn't read, simply writing a message was often enough, but encryption schemes soon developed to convert messages into unreadable groups of figures to protect the message's secrecy while it was carried from one place to another. The contents of a message were reordered (transposition) or replaced (substitution) with other characters, symbols, numbers or pictures in order to conceal its meaning.

The concept of encryption, rather translating messages from their original form goes back centuries; from earlier examples such as the use of certain non-customary hieroglyphs in order to mask the true meaning of the inscription (Egypt) to Spartans writing classified messages on slim bands of leather which were wrapped around sticks and recently the use of a machine created by Alan Turing which was created to decrypt the cryptographic algorithm of the Enigma Code (though this is a story for another time).

In 700 BC, the Spartans wrote sensitive messages on strips of leather wrapped around sticks. When the tape was unwound the characters became meaningless, but with a stick of exactly the same diameter, the recipient could recreate (decipher) the message. Later, the Romans used what's known as the Caesar Shift Cipher, a monoalphabetic cipher in which each letter is shifted by an agreed number. So, for example, if the agreed number is three, then the message, "Be at the gates at six" would become "eh dw wkh jdwhv dw vla". At first glance this may look difficult to decipher, but juxtapositioning the start of the alphabet until the letters make sense doesn't take long. Also, the vowels and other commonly used letters like T and S can be quickly deduced using frequency analysis, and that information in turn can be used to decipher the rest of the message.

The Middle Ages saw the emergence of polyalphabetic substitution, which uses multiple substitution alphabets to limit the use of frequency analysis to crack a cipher. This method of encrypting messages remained popular despite many implementations that failed to adequately conceal when the substitution changed, also known as key progression. Possibly the most famous implementation of a polyalphabetic substitution cipher is the Enigma electro-mechanical rotor cipher machine used by the Germans during World War Two.

It was not until the mid-1970s that encryption took a major leap forward. Until this point, all encryption schemes used the same secret for encrypting and decrypting a message: a symmetric key. In 1976, B. Whitfield Diffie and Martin Hellman's paper New Directions in Cryptography solved one of the fundamental problems of cryptography, namely how to securely distribute the encryption key to those who need it. This breakthrough was followed shortly afterwards by RSA, an implementation of public-key cryptography using asymmetric algorithms, which ushered in a new era of encryption.

How we use encryption today Until the arrival of the Diffie-Hellman key exchange and RSA algorithms, governments and their armies were the only

real users of encryption. However, Diffie-Hellman and RSA led to the broad use of encryption in the commercial and consumer realms to protect data both while it is being sent across a network (data in transit) and stored, such as on a hard drive, smartphone or flash drive (data at rest). Devices like modems, set-top boxes, smartcards and SIM cards all use encryption or rely on protocols like SSH, S/MIME, and SSL/TLS to encrypt sensitive data. Encryption is used to protect data in transit sent from all sorts of devices across all sorts of networks, not just the Internet; every time someone uses an ATM or buys something online with a smartphone, makes a mobile phone call or presses a key fob to unlock a car, encryption is used to protect the information being relayed. Digital rights management systems, which prevent unauthorized use or reproduction of copyrighted material, are yet another example of encryption protecting data.

How encryption works

PRIVATE EYE — EXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY !16

Data, often referred to as plaintext, is encrypted using an encryption algorithm and an encryption key. This process generates ciphertext that can only be viewed in its original form if decrypted with the correct key. Decryption is simply the inverse of encryption, following the same steps but reversing the order in which the keys are applied. Today's encryption algorithms are divided into two categories: symmetric and asymmetric.

Three basic components: the original data, which is commonly known as plaintext, the encryption algorithm and a key. Assurance of the integrity of messages, rather, data in general. The concept of encryption survives to ensure that only

those who were the intended recipients of the message can view it.

Symmetric-key ciphers use the same key, or secret, for encrypting and decrypting a message or file. The most widely used symmetric-key cipher is AES, which was created to protect government classified information. Symmetric-key encryption is much faster than asymmetric encryption, but the sender must exchange the key used to encrypt the data with the recipient before he or she can decrypt it. This requirement to securely distribute and manage large numbers of keys means most cryptographic processes use a symmetric algorithm to efficiently encrypt data, but use an asymmetric algorithm to exchange the secret key.

Symmetric-keys — private — using same key in order to encrypt a message or file.

Asymmetric cryptography, also known as public-key cryptography, uses two different but mathematically linked keys, one public and one private. The public key can be shared with everyone, whereas the private key must be kept secret. RSA is the most widely used asymmetric algorithm, partly because both the public and the private keys can encrypt a message; the opposite key from the one used to encrypt a message is used to decrypt it. This attribute provides a method of assuring not only confidentiality, but also the integrity, authenticity and non-reputability of electronic communications and data at rest through the use of digital signatures.

Asymmetric cryptography — public-key cryptography

Cryptographic hash functions A cryptographic hash function plays a somewhat different role than other cryptographic algorithms. Hash functions are

widely used in many aspects of security, such as digital signatures and data integrity checks. They take an electronic file, message or block of data and generate a short digital fingerprint of the content called a message digest or hash value. The key properties of a secure cryptographic hash function are:

• Output length is small compared to input • Computation is fast and efficient for any input • Any change to input affects lots of output bits • One-way value-- the input cannot be determined from the output • Strong collision resistance -- two different inputs can't create the same output In 2012, the National Institute of Standards and Technology (NIST) announced Keccak as the winner of its

Cryptographic Hash Algorithm Competition to select a next-generation cryptographic hash algorithm. The Keccak (pronounced "catch-ack") algorithm will be known as SHA-3 and complement the SHA-1 and SHA-2 algorithms specified in FIPS 180-4, Secure Hash Standard. Even though the competition was prompted by successful attacks on MD5 and SHA-0 and the emergence of theoretical attacks on SHA-1, NIST has said that SHA-2 is still "secure and suitable for general use."

The ciphers in hash functions are built for hashing: they use large keys and blocks, can efficiently change keys every block and have been designed and vetted for resistance to related-key attacks. General-purpose ciphers used for encryption tend to have different design goals. For example, the symmetric-key block cipher AES could also be used for generating hash values, but its key and block sizes make it nontrivial and inefficient.

Contemporary encryption issues For any cipher, the most basic method of attack is brute force; trying each key until the right one is found. The length

of the key determines the number of possible keys, and hence the feasibility of this type of attack. Encryption

PRIVATE EYE — EXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY !17

strength is directly tied to key size, but as the key size increases so too do the resources required to perform the computation.

• Margaret Rouse asks: Will the industry ever reach a point where all encryption algorithms can be broken by brute force and rendered useless or uneconomic?5 Responses Join the Discussion

• PrevNext Alternative methods of breaking a cipher include side-channel attacks, which don't attack the actual cipher but its

implementation. An error in system design or execution can allow such attacks to succeed. Another approach is to actually break the cipher through cryptanalysis; finding a weakness in the cipher that can be

exploited with a complexity less than brute force. The challenge of successfully attacking a cipher is easier of course if the cipher itself is flawed in the first place. There have always been suspicions that interference from the National Security Agency weakened the Data Encryption Standard algorithm, and following revelations from former NSA analyst and contractor Edward Snowden, many believe they have attempted to weaken encryption products and subvert cryptography standards.

Despite these issues, one reason for the popularity and longevity of the AES algorithm is that the process that led to its selection was fully open to public scrutiny and comment ensuring a thorough, transparent analysis of the design.

PRIVATE EYE — EXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY !18

FEDERAL ELECTRONIC SURVEILLANCE LAW : ECPA; INTELLIGENCE GATHERING , NSA & EDWARD SNOWDENWEEK 9 (WEDNESDAY, NOVEMBER 2, 2016To be covered • Federal Electronic Surveillance Law • Electronic Communications Privacy Act (ECPA)

• Foreign Intelligence Surveillance Act (FISA) • the NSA and Edward Snowden

Electronic Communications Privacy Act (ECPA) • Protects communication

• Question of use of camera (ex. While shopping) • Fine, unless there is audio

• 180 Day rule • Originally: the email would have been there 6 months • You did not read it, you do not care • Makes no sense in this day and age

• Cloud computing • Information can be kept for unlimited amounts of time

• Industries want reformThis is means clarity/no ambiguity

• Intercepting • Applies to private sectors • Cannot wire tap people

• EXCEPTIONS • Consent • Some states have 1 party consent/ sometimes 2 party consent is necessary • If the product is publicly available • Ordinary course of business

COURT CASE

Ordinary law enforcement • 4th amendment/probable cause (needs a warrant) • Warrants

• have to be specific • they have time limits

Domestic national security 4th amendment/ ECPA

Foreign surveillance, re: nat’l security

• wider net (can be vague)

FISA/ Patriot Act • secret court, public was unaware of this court until Snowden • approves warrants to surveil under this category

Patriot Act • authorize non-US people • amendment to FISA (Foreign Intelligence Surveillance Act) • the 4th amendment applies to person on US soil • probable cause that person is an agent of a foreign power • the true target is abroad • specific section authorizing certain practices

• authorize metadata, whole cell metadata from telecom companies, who could not disclose that this was going on

• can subpoena • silence the recipient of the subpoena, in order to allow surveillance to be done • prison program: targeting the internet communications of Non-US people//target

could encompass US citizen if in contact

PRIVATE EYE — EXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY !19

PRIVACY IN PLACES : IN THE SCHOOL AND IN THE WORKPLACEWEEK 11 (WEDNESDAY, NOVEMBER 16, 2016

[on previous virtual class]• Man with mustache lobbying for electronic company • interests fueled by data• create rules for disseminating data

• when to delete• take away personal identifiers 

• pro. able to utilize information to see statistics• con. hinders the concept of personalized learning

• commercial interests

[brief annotations from course work on next few pages]

PRIVATE EYE — EXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY !20

ANNOTATIONSPRIVACY AND CLOUD COMPUTING IN PUBLIC SCHOOLS

PRIVATE EYE — EXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY !21

PRIVATE EYE — EXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY !22

PRIVATE EYE — EXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY !23

PRIVATE EYE — EXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY !24

PRIVATE EYE — EXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY !25

PRIVATE EYE — EXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY !26

ANNOTATIONSWORKPLACE PRIVACY AND EMPLOYEE MONITORING

PRIVATE EYE — EXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY !27

PRIVATE EYE — EXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY !28

PRIVATE EYE — EXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY !29

PRIVATE EYE — EXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY !30

NANDI CLARKE N. CAMERON RUSSELL PRIVACY AND SURVEILLANCE FALL SEMESTER 2016

On this section, PERSPECTIVE:

Throughout the course, and as one became more familiar with the realm of surveillance, whether it be

on a federal or local level, and its implications on privacy, several writing assessments were assigned

offering one to take a stance on an issue [within the realm of privacy]. Position papers offered the

student the chance to research a given topic and respond as if one were a professional or simply a

member of a given field or demographic (for example, a technologist). For the final research paper, one

was to choose a technology or some sort of object which affects one on a daily basis and research it,

getting to the root of the object in questions’ ties to surveillance.

What you see is not always what you get.

PRIVATE EYE — EXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY !31

PERSPECTIVE

POSITION PAPER 2 ENCRYPTION, LAW ENFORCEMENT AND INTELLIGENCE GATHERING

Nandi A. Clarke N. Cameron Russell Privacy and Surveillance Position Paper 2: Encryption, Law Enforcement and Intelligence Gathering

In a tense political atmosphere, encryption explores the controversial debate of privacy versus security.

The concept of encryption, rather, translating messages from their original form goes back centuries; from earlier examples such as the use of certain non-customary hieroglyphs in order to mask the true meaning of the inscription (Egypt) to Spartans writing classified messages on slim bands of leather which were wrapped around sticks and recently the use of a machine created by Alan Turing which was created to decrypt the cryptographic algorithm of the Enigma Code (which enabled Germany to transcribe messages which The Allies could not crack during World War II).

Today, encryption is not discussed on such a broad scale, but on a smaller spectrum based on the relationship between consumers, their technology and the government. Most recently, companies such as Google and Apple began developing and marketing encrypted smartphones which could be unlocked neither by the government nor the companies which produced the product. There are many that will argue the case that this directly hinders law enforcement’s ability to sufficiently do their job as the general public’s views on surveillance and privacy are antiquated at best. However, this is not case. Drastic government oversight regarding one’s right to privacy are constantly being implemented in light of surveillance. Encryption provides a solution to this and is in the best interest of consumers, companies, and to some extent the law enforcement.

Encryption entails the altering of electronic data into a completed different structure, known as ciphertext. It is composed of three basic components: the original data — commonly known as plaintext — the encryption algorithm and a key; an equation ensuring that only those who were intended to be the audience of the encrypted data are able to access the information.

Encryption encourages companies to meet emerging standards. When the consumer is contented, sales increase. Encryption ensures that companies are kept on their toes, essentially creating competition between different companies as to whom offers more security to the general public. Before the use of any item or product, consumers sign, whether physical or implied, forms detailing that they understand that by using certain products, they are adhering to certain security and privacy standards set by the company. Encryption is essentially the manifestation of the modern privacy policy. In such a digital age, assimilating to new digital technologies are key to increasing sales and levels of consumer reliability. The cell phone has become a staple in the home/everyday life. In this society where data and personal information are now commodities, encryption is in the interest of the consumer. Improvements are even being made to the outdated HTTP (Hyper-Text Transfer Protocol) including compression and the ability to withstand more-data transfer, faster speeds (content to browser). There were hopes that this would lead to the entire world wide web to be encrypted, which has not happened. The push towards greater security for for consumers did encourage individual companies to take a stance in the matter, Mozilla and Google to ensure that the consumer is receiving the latest in software, and also encouraging website to upgrade to tougher security of risk losing an audience.

On any given day, unbeknownst consumers interact with varying forms of encrypted date, whether it be through email, perusing social media accounts or using downloaded applications without the worry of their information being compromised. This is in part due to the system of encrypting data: coded data allows integrity within the realm of data sharing, giving consumers the piece of mind that not only are they receiving original unaltered information, but also being privy to both the source of data and knowing they the sender of the data cannot deny having sent messages. There is a misconception that the companies are encrypting this data and using it for nefarious purposes. However, companies do not have access to the information once it has been encrypted. There are rare cases where the key is list whilst encoding, rendering the message irretrievable.

PRIVATE EYE — EXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY !32

Encryption provides a fix to government loopholes. Time and time again, newspapers have done reports on law enforcement misusing their powers, essentially overstepping the law. This proves problematic when juxtaposed with the hyper-surveillance oriented government that inhabits many government systems, referring mainly to that of the United States. Consumer are now wary of the law enforcement accessing personal/private data illegally. The key word here is illegally. The Fourth amendment directly references the right to privacy, protecting civilians and their property from being taken, looked through or accessed without a warrant signed by a neutral party. As an added incentive to civilians, there is the Exclusionary Rule stating that evidence obtained illegally cannot be used against the civilian. Law enforcement circumvents these through the Third Party Doctrine, which enables them to access previously guarded data via third party under the assumption that the user free relinquished the privacy of said data at the time of signed privacy policies and such. With this being said, how is it possible for companies to protect the integrity of their customer’s information and still abide by the law? Encryption. Considering the time, effort and expertise required to even attempt to retrieve encrypted data from third parties, companies are now afforded the ability of legitimately stating that they have no access to the requested data. Companies cannot be help accountable for irretrievable data.

Still on the topic of governments and encryption, it is important to note that the same process which block law enforcement from retrieving data without the authorization of the user also protect the government from cyberattacks. It is important to note that encryption protocols are not impossible to hack, however it would take a significant amount of time and technology in order to hack into and retrieve data in a time sensible fashion.

Though encryption proves a hindrance for law enforcement seeking to access unauthorized data, it has varying redeemable qualities: protection the web from massive cyberattack, protecting the integrity of the fourth amendment as well as creating a healthy relationship between companies manufacturing and producing goods and their consumers.

WORKS CITED "Benefits of Encryption." Benefits Of. 26 Apr. 2011. Web. 23 Oct. 2016. <http://benefitof.net/benefits-of-encryption/>.

Crocker, Andrew, and Jeremy Gillula. "Why 2015 Is the Year of Encryption.” Gigaom. 28 Feb. 2015. Web. 23 Oct. 2016.

Kang, Cecilia. "Ron Wyden Discusses Encryption, Data Privacy and Security." The New York Times. The New York Times, 09 Oct. 2016. Web. 23 Oct. 2016.

Nakashima, Ellen, and Barton Gellman. "As Encryption Spreads, U.S. Grapples with Clash between Privacy, Security." Washington Post. The Washington Post, 10 Apr. 2015. Web. 23 Oct. 2016.

Scott, Mark. "American Tech Giants Face Fight in Europe Over Encrypted Data." The New York Times. N.p., 27 Mar. 2016. Web. 23 Oct. 2016. <http://nyti.ms/1RIcauW>.

"What Is Encryption?" SearchSecurity. Web. 23 Oct. 2016.

PRIVATE EYE — EXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY !33

F INAL RESEARCH PROJECTPROPOSAL

A seemingly innocent installation is causing controversy.

There is seldom an instance where an invention neglects to surpass its original intended use. The invention in question is the newest addition to New York City’s streets: the LinkNYC kiosk. Under the guise of free wifi and promoting social connectivity, this device is aiming directly at your wallet. It is impossible to walk a block in Manhattan without seeing these multicolor eyesores. These large tablets have been popping up all over the city claiming to “bring the fastest free public Wi-Fi to millions of New Yorkers and visitors.” This sounds absolutely great on paper, except at what cost. Is free wifi really worth the privacy it costs? The LinkNYC kiosk offers a variety of services: free wifi, maps and directories, free phone calls, a distress button (911), device charging and announcements (whatever that may pertain to). The kiosk does exactly as it says, so what exactly is the issue? Disclosure. The issue is not is what the device is claiming to do but rather what it has yet to mention. No where on the website does it state a claim regarding plans to roll out features which would enable monitoring those who use the deviceor the fact that it collects data weather or not the consumer in question actually uses the product directly. Herein lies two connected issues: surveillance and reaffirmation of previous economic boundaries.

SURVEILLANCE As previously states, it is somewhat expected with the ever advancing digital technology industry that devices will in deed evolve and therefor, be able to do a multitude of task which may not have originally be in the blueprints. However, this is most likely not the case with these kiosks. As they are now, there are already a minute camera surreptitiously placed about the touchscreen of the kiosks (suspiciously above eye level) which are most likely monitoring passersby to gage how much interest the installations are getting, and this would make sense, had it not been paired with information theft.

REAFFIRMATION OF BOUNDARIES There is also something to be said to the locations in which these kiosks are being place. If the real goal of the creators of the kiosk was really to provide city-wide wifi to the community, then why are the majority of them stations in already affluent neighborhoods. One would assume that if providing this free service to all New York Residents was really the initial intent then the placement of said kiosks would have been more strategically places, unless there was a more malicious intent. Pair free information, soon to be facial recognition and live commercial marketing together and one arrives at a very different message that free wifi for all.

PRIVATE EYE — EXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY !34

F INAL RESEARCH PROJECTOUTLINE

Nandi A. Clarke N. Cameron Russell Privacy & Surveillance November 9, 2016 updated

LINKNYC: TERMS OF MISUSE INTENT, IMPLEMENTATION AND IMPACT

Commentary on the LinkNYC Initiative Outline Updated: November 9, 2016 Subtitle subject to change Intent, Implementation and Impact//The economics of information General Quotation Never trust anything that can think for itself if you cant see where it keeps its brain.— Arthur Weasley Tagline subject to change A seemingly innocent installation is causing controversy. Paper Specifics

• Required length: 8-10 pages • Touchpoints

1. observation and discussion of how the technology works, its basic technical architecture, and how it affects your daily life 2. discussion of how the technology may cause privacy concerns for you and others; 3. identification of any competing interests unrelated to privacy in the creation and deployment of the technology 4. a prediction as to the trajectory of the technology and its future societal effects; 5. given this outlook, a recommendation as to how current laws and/or policy should respond with respect to the technology to

balance privacy with the various competing interests in play and to resolve the conflict Breakdown

In order to address the varying facets regarding the LinkNYC program, the paper has been hypothetically divided into three sub-categories, detailed below. The five above touch points have been absorbed into the three main categories and are outlined underneath each titles. Update Intent (background, mention noticing several kiosks pop up in Manhattan) Implementation (secretive background, kiosks themselves, privacy policy inconsistencies) Impact (effects of initiative on society and law proposals)

PRIVATE EYE — EXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY !35

I. INTENT A. Purpose

1. History — introducing the LinkNYC initiative a) Who is behind the program? b) Purpose of program

B. History 1. [Issue] 2012 — city seeks to fix pending ‘issue’

a) Reinvent Payphone Design Challenge (December 4,2012 — March 5,2013)(1) Goal — find an answer to the question: How can New York City reinvent payphones to make our city

more accessible, safer, healthier, greener and better informed?(2) Issues w/ payphones

(a) vendor agreement expiration in 2014(b) decreased use of communication(c) Communication

i) partial incentive: keeping up to date with new demographicii) remember government missing out on prime surveillance (discuss later)iii) WHY NOW? Payphone use has been declining for years//many were not even working

2. [Solution] 2014 — plan is chosen a) CityBridge chosen as winner of competition w/ LinkNYC ideab) Goal as explained by city leaders

(1) branded simply as “free super fast wifi”(a) “Communications network”(b) “fastest municipal Wi-Fi to millions of New Yorkers, small businesses and visitors(c) Where: “five-borough” [network](d) Funding

i) “advertising revenues”ii) “no-cost to taxpayeriii) set to generate $500 million in 12 years

(e) Links are supposed to transform “access to information”End: Most things branded as free come at a cost.Next — Suspicious beginnings//kiosk features

PRIVATE EYE — EXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY !36

II. IMPLEMENTATION A. Purpose

1. Touchpoints 1-2 a) What does it do? How does it affect me?

2. Origin continued — suspicious findings3. Privacy concerns/things overlooked in the policy4. Surveillance/features 5. Touchpoint 3 — competing interests (also touched upon in IMPACT)

B. Suspicious beginnings 1. Ownership

a) CityBridge announced as winnerb) CityBridge is a consortium including:

(1) Titan and ControlGroup//the original companies who had been in charge of the payphone franchise previously

(2) Comark — in charge of manufacturing kiosks(a) Antenna created physical design

(3) Qualcomm — internetc) Around same time, Google creates Sidewalk Labs

(1) previous deputy mayor of NYC placed as head of the company, Dan Doctoroffd) Sidewalk labs then acquires LinkNYC, launching INTERSECTION

(1) Intersection (group formed from Control Group and Titan)(2) Comark becomes CIVIQ Smartscapes

e) Google is the owner of the company claiming to offer you free wifi

2. LinkNYC a) Initiative

(1) 10,000 links(2) 3 cameras per link (also under surveillance)

(a) cameras reportedly not oni) person from Civil Liberties Unions wrote letter to city regarding the cameras and such,

LinkNYC responded saying these are not turned on yet(3) 30 sensors per link(4) 2 wifi networks

(a) Public — requires email//apparently no verification system(b) Private — additional security, required device with iOS7 (certain target market)

b) Kiosk features(1) free wifi(2) Maps and directories(3) free phone calls(4) 911 button(5) Charging(6) public service announcements (P.S.A)

3. Privacy Concerns a) 2 separate polices: one for the kiosk and one for the network

(1) LinkNYC — https://www.link.nyc/privacy-policy.html/ (a) Updated on October 27,2015(b) only applied to the website and information sent across the website(c) fairly self explanatory/broken into specific sections

(2) CityBridge — http://www1.nyc.gov/assets/doitt/downloads/pdf/Proposed-PCS-Franchise-Exhibit-2-CityBridge-Privacy-Policy.pdf/ (a) Updated January 25,2016

PRIVATE EYE — EXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY !37

(b) Sign-in — three pieces of key information are taken: username, email address and password(c) The information being collected is supposedly If you only use the kiosk(d) Data

i) Collection [What is being collected?](1) MAC Address(2) IP address(3) device identifier(4) full url clickstream(5) pages you viewed

ii) Use [What is the data used for?](1) CityBridge will not sell personal identifiable information, however they may share

(a) Loophole provision: one does not need to sell information for it to be used by another party

(b) Either information is exchanging hands(c) Any third party which acquired CityBridge would then have access to the

information(2) Notification

(a) CityBridge will take “reasonable attempts” to notify one if their information is requested (by government)

(b) What constitutes a reasonable attempt? If one is only providing an email, password and a username (legal name has not been referenced/email verification was not previously a feature on the kiosks), how would this occur?

(c) CityBridge may share non-personally identifiable data (which means what exactly? This needs clarification.

(d) Answer:

iii) Type (in surveillance section)(1) Video footage(2) Beacon

(a) each link has a beacon, pins devices using bluetooth/general location/ yet to be mentioned in privacy policy

4. Surveillance a) Design Features

(1) Cameras, each link has 3 cameras, multiplied with hundred of kiosks, many cameras(a) Video Footage

i) 2014 — Cameras not on according to CityBridge// CityBridge responded to letter from rep at American Civil Liberties Union

ii) 2016 — apparently the cameras are on, though I have not found verification besides the fact that a provision has been added to the CityBridge privacy policy labeled

PRIVATE EYE — EXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY !38

ARTICLE: GOOGLE IS TRANSFORMING NYC’S PAYPHONES INTO A ‘PERSONALIZED PROPAGANDA EGINE’

— NICK PINTO, VILLAGE VOICE DOCTOROFF AT THE YALE CLUB

“By having access to the browsing activity of people using the Wi-Fi — all anonymized and aggregated — we can actually then target ads to people in proximity and then obviously over time track them through lots of different things, like beacons and location services, as well as their browsing activity. So in effect what we're doing is replicating the digital experience in physical space.”

INFORMATION COLLECTED BY OUR SENSORS AND CAMERAS [taken directly from the CityBridge privacy policy]

(a) We will not keep any footage captured by any camera for longer than seven days, unless the footage is necessary to investigate an incident.

(b) We will not give any data collected by environmental sensors or cameras to anyone other than the City or governmental law enforcement, unless 1) we are legally required to, 2) it is necessary to operate and maintain the System and the Services, or 3) we get advanced, written permission from the City.

(c) We will not use facial recognition technology for any reason, and we will not use our cameras to track your movement through the city.

(2) Sensors// what are they really for?(3) Beacons// pinning location, nothing in privacy policy(4) Browser// search history, any interactions with the kiosk are collected(5) Phone// calling history is recorded

b) Location (1) [Articles — Why Location is the new currency of Marketing]

5. Public Private Partnership//City and Citybridge a) Misrepresentation

(1) Google(a) Connection with LinkNYC project

i) head of Sidewalk Labs which acquired LinkNYC, creating sub called Intersection [made only of the previous owners of the payphone franchise — Titan and Control Group]

(b) No statement from Googlei) strange considering the novelty of the project that it has yet to make a public statement

claiming any connection to the kiosks popping up around the city(c) Revenue: What exactly is Google’s role in this initiative?

i) Google slowly making its way into varying facets of life [search engine — data projects like Sidewalk Labs

ii) Phones: tracking capabilities, google automatically pins the location of your device every few hours, imagine what information the free-wifi could gage(1) track someone their entire commute

(2) Titan found to have placed bluetooth beacons in old phone booths in Manhattan (a) [article: LinkNYC Privacy Issues — Fully Story]

i) Notified customers of salesii) Other uses included surveillance and data collection

(1) DeBlasio had ordered the beacons removed(3) City

(a) American Civil Liberties Union i) (Article: Will New York City’s Free Wi-FI Help Police watch you?)ii) Q. letter asking how LinkNYC preserves dataiii) A. stated that data is preserved for 12 months after user logs in

(b) Regulationi) City has yet to disclose any of this information//there are set to be 7500 booth throughout

the city in order to provide continuous service (imagine the amount of data it will aggregate)

ii) remember city is set to receive 50% of the approximated $500 million

PRIVATE EYE — EXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY !39

III. IMPACT A. Purpose

1. Determine the possible adverse effects these links could pose to the members of the city2. Predict the trajectory of technology and societal effects (touchpoint 4)3. Give possible solution/law proposal in order to fix issue (touchpoint 5)

B. Future/Trajectory of technology 1. [Broadening technology divide] it was the intention of city leaders when they picked the concept of LinkNYC

as the winner of the design challenge, they believed the program would end the divide. a) reaffirmation of social boundaries//the initial placement of the kiosks defeated the purpose of the

program(1) installed in higher income neighborhoods

b) elimination of certain demographic(1) community complaints//claim people are loitering, increase in crime, homeless lingering(2) instead of fast forwarding installation/taking away features

(a) web browsing removes, no charging of laptops(b) Rather than provide kiosks as was stated in 2014 in all five boroughs to those who need them,

taking away of features to ensure only a certain demographic uses the kiosks(c) commercialism dictating city-scape

2. [Large social experiment]a) Concept//becoming accustomed to certain technologies, not realizing capabilities

(1) ex. Skynet from Terminator Genesis(2) ex. Eagle Eye(3) “When you’re not paying, you’re not the customer — you're the product.” — Benjamin Dean

b) Reality//this could end up being the largest social surveillance experiment(1) Extensive facial recognition software

(a) Remember the cameras which are supposedly not on/perhaps they are nowi) 3 cameras per link, hundred of links already up, tons of video footage being stored privately

(b) The sensors — their use has not been specified(c) Google as a whole — phone location, traffic location, face, browsing history

i) The tracking capabilities of this initiative could quickly become problematic with the demographic being targeted(1) Possibility 1: narrowed//surveillance targeted at certain class

(a) Affordable wifi targeted at those who can’t afford it on their own (lest we not forget extra security comes at a cost — a new iPhone), possibility of being lower income, possibly over policed already

(b) taking advantage of group who have limited choices (2) Possibility 2: broad//citywide surveillance

(a) everyone basically becomes a walking file and can be monitored C. Solution/Law Proposal

1. Update privacy policiesa) There needs to a massive update to the two privacy policies.

(1) There should be no drafting notes on an official document.(2) There should not be two separate privacy policies, especially when the one featured on the website

ONLY APPLIES TO THE WEBSITE(3) Full disclosure on all working parts of the kiosk//beacons are not mentioned in either policy

b) Terminology(1) Fix vague wording, otherwise it seems misleading(2) There are a lot of “may” but not “will”(3) Also disclose what information is being collected.(4) “Sell” vs. “Sharing” — clarify, the idea that LinkNYC clearly states that it is not selling your

information, but says I may share it

PRIVATE EYE — EXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY !40

F INAL RESEARCH PROJECT

LINKNYC: TERMS OF MISUSE WHAT WOULD TRADE FOR A WIRELESS CONNECTION?

PRIVACY & SURVEILLANCE FINAL RESEARCH PROJECT

NANDI AYANA CLARKE N. CAMERON RUSSELL

DECEMBER 9,2016

PRIVATE EYE — EXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY !41

Never trust anything that can think for itself if you cant see where it keeps its brain.

— Arthur Weasley

LINKNYC: TERMS OF MISUSE SURVEILLANCE TECHNOLOGY IN THE AGE OF NEW MEDIA

CONTENTS A SEEMINGLY INNOCENT INSTALLATION IS CAUSING PROBLEMS.

INTENT 44

A brief history on the LinkNYC initiative came to be and the consortium behind its creation. LinkNYC: A History IMPLEMENTATION 44

Discussion on the current status of the initiatives in regard to the fulfillment of original plans and the creations of others. Conflict of Origin LinkNYC: The Initiative Privacy: A Tale of Two Policies Surveillance & Misrepresentation

IMPACT 49

What could possibly go wrong? Possible adverse effect of well touted and intentioned LinkNYC initiative and proposals as to how these issues may be fixed. Trajectory of Project Technology Divide Social Experiment Law and Order

SOURCES 52

A comprehensive list of all texts and works cited

PRIVATE EYE — EXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY !42

NANDI A. CLARKE

N. CAMERON RUSSELL

PRIVACY & SURVEILLANCE

DECEMBER 9, 2016

LINKNYC: TERMS OF MISUSE

Over the past few months, New Yorkers have been noticing new additions to the city’s landscape, the obelisks seen above, also known as the LinkNYC kiosks. The eyesores in question were installed with the intention of providing millions within the city with free wifi. From the onset of their installation, these kiosks have raised some concerns. It is common knowledge that there are always risks to utilizing a “free” source, let alone wifi. Some are skeptical about how information they provide, consciously or unconsciously, will be used by the providers of the service. Surveillance is a constant in the minds of citizens especially in this realm of new media and heightened internet presence. Surveillance is not a foreign concept to New Yorkers. From Stingray phone trackers to beacons, and excessive security cameras, New Yorkers are hyper aware of their presence. Surveillance isn’t the main issue here. For a project whose main goal is providing free wireless internet, the city managed the pick the most intrusive choice, containing numerous cameras and sensors.

WHAT WOULD YOU TRADE FOR A WIRELESS CONNECTION?

PRIVATE EYE — EXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY !43

INTENT LINKNYC: A HISTORY

Two years ago, a connection was born. In 2012, New York City became concerned with the issue of communication. The Reinvent Payphone Design Challenge was announced in December 4 of the same year and would run until March 5, 2013, with the goal of answering the question: How can New York City reinvent payphone to make our city more accessible, safer, healthier, greener and better informed? Vendor 1

agreements for the payphone were set to expire in 2014 — insert ulterior motive here — so the city opened the challenge up to its residents in search of a way to bridge the communication gap [whilst creating more of its own] as well as set New York further in its goal of becoming a smart city.

The winning idea of the design challenge was announced in 2014 — the LinkNYC kiosk, a communications network which would provide the “fastest municipal Wi-Fi to millions of New Yorkers, small businesses and visitors” 2within its five boroughs. From the onset, the project was touted as a godsend, set to solve all of the city’s issue regarding in the inaccessibility to technology, furthermore internet. Mayor DeBlasio and Brooklyn Borough President Eric Adams had instilled a lot of trust into the project. For those living within the city without proper access to

internet…this was set to be their savior.

The prospects were amazing. Setting out simply to fix the issue of quasi pay phones, in a miraculous turn of events, everything just fell into place…blazing fast city-wide wifi, nearly $500 million in supposed revenue, funding from advertising venues and all at no cost to the taxpayer.

No cost? Fast forward to 2016 and these obelisks have taken over numerous streets in Manhattan, yet many of the prime demographic that the links were initially targeting have yet to do so much as touch a kiosk.

Two years ago, DeBlasio stated that we as a city, couldn't “continue to have a digital divide that holds back so many of our citizens,” yet there are vast regions within the boroughs that yet to be connected. So what 3

went wrong?

“Free super fast Wi-Fi. And that’s just the beginning.” 4

Too right you are, Link. Too right you are.

IMPLEMENTATION CONFLICT OF ORIGIN

It is nearing the end of 2016, and the LinkNYC kiosks have barely delivered on their original goal of adequately providing free wireless internet throughout the five boroughs; inclusive of large bald spots in coverage — some coincidentally located in lower income areas. To be fair, it was DeBlasio who touted the initiative as a semi-instant solution. In order to gage where things may have gone wrong, we seek to revisit 2014 when the winner of the design challenge was selected. How much is known about them?

CityBridge, proud owner of the LinkNYC kiosks, is actually not a single company, but a consortium of four separate companies — currently three — whom are experts in the fields of advertising, technology,

"Reinvent Payphones." Splash. Web. 07 Nov. 2016.1

"De Blasio Administration Announces Winner of Competition to Replace Payphones." The Official Website of the City of 2

New York. 17 Nov. 2014. Web. 4 Nov. 2016.

"De Blasio Administration Announces Winner of Competition to Replace Payphones." The Official Website of the City of 3

New York. 17 Nov. 2014. Web. 4 Nov. 2016.

https://www.link.nyc/4

PRIVATE EYE — EXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY !44

“Free super fast Wi-Fi. And that’s just the beginning.” — LinkNYC

consumerism and integration: Titan and ControlGroup, Comark who was in charge of manufacturing the kiosks and Qualcomm who provides the actually internet connection. Here is where things get dicy.

If the names Titan and ControlGroup sound familiar — it is more troubling if they do not— that is because these are very same companies who had control of the payphone franchise previously. Coincidentally the very company who owned the previously failing franchise (and failed to update the system or even attempt to fix the product which they must have known was becoming obsolete) manages to maintain ownership of the next generation of their product…which is set to bring in millions of dollars of revenue within the next few years. Not a coincidence.

Comark also sought to rebrand itself and has become CIVIQ Smartscapes, specializing in “SMARTSCAPING CITIES™,” dedicating themselves to “the future of intelligent urban infrastructure.” 5 6

Why the consortium running a project to simply, bring free wifi to masses in need would contain a company whose main goal is consumerism, pushing for integration and reliance on technology is questionable — notwithstanding the fact that it contains the very companies who failed to successfully bring communication to the same citizens in years prior.

Qualcomm is really the only company within the group which makes perfect sense in the scope of the LinkNYC initiative, as it known for its ties to telecommunications and providing innovative technologies for the current generation.

Around the same time that the companies within CityBridge were rebranding, in 2015, Google was doing the same — ultimately reorganization a number of its projects and services into a firm called Alphabet . In 7

June of 2015, Alphabet launched a subsidiary company, Sidewalk Labs, a “new type of company that works with cities to build products addressing big urban problems.” Not much was known about the project at the 8

time, besides the questionable placing of a former deputy mayor of New York, Dan Doctoroff, as the head of the company. Sidewalk labs then acquired two companies, Titan and Control Group, in order to form another subsidiary, Intersection. Once again, the payphone companies reared their heads again in collaboration with another startup which seemingly has no ties to communication.

If the timeline is followed correctly, we gage that the rebranding of the companies within the consortium of CityBridge, Google’s restructuring, the creation of Sidewalk Labs (and its acquisition of two of the companies tied directly to the free wifi initiative) all line up; but what exactly does it mean and why has Google not yet made a public statement regarding its connection to the kiosks littering the cities? What is the connection between free wifi and advertising?

It is impossible to walk a block in the city without bumping into these digital giants, so why does the public seem to know nothing about them?

LINKNYC: THE INITIATIVE LinkNYC plans to have a total of 10,000 links installed within New York in the coming years, each containing 3 cameras, 30 sensors and the tablet itself which offers free wifi, maps and directories, free phone calls, a 911 button, charging and public announcements. As to the use of the cameras and the sensors, LinkNYC has yet to really comment on their use, citing initially (in 2014) in a response to a letter drafted by a representative of the New York Civil Liberties Union that the cameras were not currently on. As for the actual internet network, there are two separate networks, one public and one private (with a promise of additional security — though one must have a device using iOS7 in order to be eligible for this benefit). Affordable wifi for all, right?

http://www.civiqsmartscapes.com/5

Seen on the homepage of their website (see note 5) in a section containing a kiosk resembling those of LinkNYC.6

Fung, Brian. "The Difference between Google and Alphabet, Explained." Washington Post. The Washington Post, 24 Feb. 7

2016. Web. 03 Nov. 2016.

http://www.sidewalkinc.com/8

PRIVATE EYE — EXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY !45

The kiosks’ features are fairly explanatory, as one can find these 6 services listed on the homepage of their website. However, LinkNYC becomes rather murky when the issue of privacy is brought up. This might be due to the fact that LinkNYC has two separate policies. The policy on their website is fairly self explanatory: you automatically accept their terms by using the product, they may collect information from messages you send them for research purposes, etc. This is standard with most companies. However, this privacy policy which was last updated on October 27 of 2015, the one advertised in bold on their website, only applies to the website. Finding the policy which applies to the network and the kiosks is another task on its own — only found by clicking the link in smaller font on the page entitled ‘Privacy Policy’ or typing in your request via a search engine. The policy you will find is titled: “Exhibit 2 — CityBridge Privacy Policy,” which is confusing considering, of the few who are actually aware of the purpose of the network 9

and kiosks, CityBridge is not publicly branded in correlation to the product — not including the fact that there should be only one comprehensive Privacy Policy for the company and its networks.

PRIVACY: A TALE OF TWO POLICIES The latter policy, dated January 25, 2016 contains 11 sections which I supposed entails all their company has to offer. Albeit, we shall pay attention to a specific few. According to the policy, three pieces are information are taken from the user at the onset of use on the network: username, email address and password — up from just an email in previous years. Also, information is apparently only collected in the case of one using the physical kiosks. There are specific data points which will be collected: a MAC address, an IP address, a device identifier, the full url clickstream and all pages which were viewed by the user for the duration of kiosk use. It is a wonder there is no kitchen sink in sight.

It is fascinating that all mentions of said data points which the company plans to collect are all listed in the policy with no connection to the original LinkNYC website. As a side note: for the vast majority whom won’t even give the kiosk a glance (the cameras might know), it is not explicitly outlined where the rules applying specifically to kiosks end, so I would assume the entirety of the policy applies to both the network and the kiosk.

As to what specifically is done with the information they may collect, is a puzzle with very few pieces on the table. The policy states that CityBridge will not be selling personal identifiable information, and will not “share Personally Identifiable Information with any third party for that third party's own use.” This provision makes relatively no sense as 10

information no longer needs to be sold in order for another party to get ahold it. There is also specific wording “for that third party’s own use.” What exactly does that mean? So is the information not being sent to a third party if their motives don’t sync with those of CityBridge, or is the information not being shared if the third party choses to do something other than what CityBridge is already doing at the moment? Also pay attention to the use of “personal identifiable information.” If and in the case the information contains no markers which would lead to identifying any specific person’s identity, there still sounds as if there is a chance that information will be shared. Lest we forget that CityBridge is a consortium, and any third party who acquires CityBridge or a member is essentially granted access to the same information; also outlined in their policy:

“We may share information, including Personally Identifiable Information, with our service providers and agents to the extent reasonably necessary to provide you with the Services.”

Though I might be looking too fair into the situation, this provision seemingly offers too many loopholes.

Another topic to pay attention to with their privacy policy is notification. Under a section labeled “How we share you information,” CityBridge states that it will take “reasonable attempts” to notify someone if their information is requested (by the government). Barring any gag orders, what exactly constitutes a reasonable attempt? If only an email, password and username have been provided to use the service — legal name has not been referenced and email verification was not previously a feature on the kiosks —

http://www1.nyc.gov/assets/doitt/downloads/pdf/Proposed-PCS-Franchise-Exhibit-2-CityBridge-Privacy-Policy.pdf9

see note 910

PRIVATE EYE — EXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY !46

“So in effect what we're doing is replicating the digital experience in physical space.” — Dan Doctoroff

how would sufficient notifications really be sent to the user? Considering the data retention period for the kiosks is 12 months, this is not shaping out to well for users.

For a company literally branding itself for its free Wi-Fi, there seems to be a lot of focus being put on anything but. At this point, it is fairly obvious some sort of information is exchanging hands, though how it is being done is another question entirely. What hasn't been discussed is the purpose of this data collection. Dan Doctoroff answered this question unknowingly in May.

At an event titled “The Future of Cities, with Dan Doctoroff, Chairman and CEO of Sidewalk Labs” hosted on May 16 by the Yale Alumni Nonprofit Alliance & Harvard Club of New York's Crimson Impact, Doctoroff candidly said:

“By having access to the browsing activity of people using the Wi-Fi — all anonymized and aggregated — we can actually then target ads to people in proximity and then obviously over time track them through lots of different things, like beacons and location services, as well as their browsing activity. So in effect what we're doing is replicating the digital experience in physical space.” 11

This the same Dan Doctoroff who was placed as the CEO of Sidewalk Labs, the subsidiary of Alphabet, Google’s head firm; Sidewalk Labs which created a subsidiary, Intersection; Intersection, which is made up of two of the companies within the CityBridge consortium. He has direct ties to the kiosk project and was overheard speaking of the Wi-fi in terms of an advertising scheme. If this was his way of selling the Wi-Fi, he needs to be fired. In all seriousness, this is problematic. When the message that is being broadcast to the public is different from the message of the owners (whether direct or indirect), this should draw media attention, but the media is busy focusing on nonsense: sensationalized stories claiming that unmentionables are using technology above their pay grade.

SURVEILLANCE & MISREPRESENTATION CityBridge’s (and associates) lack of transparency, albeit troubling, is the least of the public’s issues. The lack of precision used when writing the Privacy Policy — just imagine the previous version from 2014 which still contained draft notes — would be excusable had all aspects of the kiosks been disclosed. Previously, it has been stated that the kiosks had each been created with cameras and sensors. In addition to this, each kiosk has also been equipped with beacons. Not sure about CityBridge, but these are not the first things that come to mind when I think of free or affordable wifi. With hundreds of kiosks multiplied by 3 cameras each, one could only imagine the possibilities. These cameras could capture anything, though in 2014 CityBridge claimed that the cameras had not been turned on. Well, it’s 2016 and though CityBridge has yet to make a public statement announcing any updates on this specific feature, they did make sure to add a section to their Privacy Policy labeled “Information Collected by our Sensors and Camera” and are as follows.

(5) We will not keep any footage captured by any camera for longer than seven days, unless the footage is necessary to investigate an incident.

(6) We will not give any data collected by environmental sensors or cameras to anyone other than the City or governmental law enforcement, unless 1) we are legally required to, 2) it is necessary to operate and maintain the System and the Services, or 3) we get advanced, written permission from the City.

(7) We will not use facial recognition technology for any reason, and we will not use our cameras to track your movement through the city.

So, the cameras which have never been confirmed as being turned on, don’t keep footage for more than a week unless of course, law informant needs it and facial recognition technology will not be used. This is an

Pinto, Nick. "Google Is Transforming NYC's Payphones Into a 'Personalized Propaganda Engine'" Village Voice. 06 July 11

2016. Web. 03 Nov. 2016.

PRIVATE EYE — EXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY !47

empty promise considering the kiosk already has access to your device ID, mac address and some sort of username (and email). There is already a virtual profile of any user who has used this service, whether or not a photo has been placed with the profile. Another aspect to note is the direct omission of the beacons and sensors from this sections. They are not even mentioned. What exactly do sensors have to do with wireless connectivity? The world may never know.

However, three entities may have an idea, though they are seemingly unwilling to share: Google, Titan and the City. With questions coming up in droves, here are a few things to take into considering.

First, Google’s connection to the LinkNYC program and it refusal to offer public commentary on the kiosks. No statement has been made, which is strange considering the novelty of the project. One would think Google would be interested in informing its consumers, it’s collaborating on the newest machines to hit the streets of New York. Unless that information would not sit well with its consumers. Consider revenue. What exactly is Google’s role in this initiative? Google branched out from simply being a search engine and controlling its own maps and video service to remodeling and encoding numerous facets to complete projects under another title, though still very much involved in the lives of its customers (does anyone recall Waves)?. Their phones (referring to Android devices) already have tracking capabilities, automatically pinging the location of the device every few hours. Now imagine, hundreds of kiosks posted all across the city (for continuous service, of course) with beacons able to track your location, cameras recording footage and sensors all connected in some shape or form to Google. With all of the information at Google's/Alphabet's disposal, tracking someone for the entirety of their commute seems entirely plausible.

Titan’s stint with malpractice comes in the form of their beacons. Earlier in the year, the company was found to have placed bluetooth beacons in old phones booths all around Manhattan , which needless to 12

say, is a commercialized borough. The job of the beacons was to notify customers walking past of sales. This is not the issue though. Though the beacons might not have been planted for nefarious purposes, these items could also be used for surveillance and data collection. For this purpose, the mayor instructed that the beacons be removed. This is the company that is in charge of the advertising for LinkNYC. This is also 13

the same company that stated in its business plan from four years ago stating that they wanted “opportunities to generate revenue from mobile commerce.” Remember this. A company who believed it 14

was perfectly alright to track the location of consumers (and who knows what else) is offering to give you free wifi. Whatever our hesitations, their four year plan is apparently coming to fruition.

These companies are not the only parties at fault here. The city has been involved in a fair amount of negligence over the past few years, mainly starting in 2014 when this whole Reinvent Payphones initiative was born (or so we think). In May of 2016, Mariko Hirose, a senior staff attorney at the New York Civil Liberties Union, sent a letter to the city regarding concerns that arose consequent to her reading the privacy policies of CityBridge and the franchise agreement, recommending changes. A City Hall representative 15

later anonymously informed the public that there would never be a response. LinkNYC’s general manager Jen Hensley did try to calm any suspicions with a statement saying: “New York City and CityBridge have created a customer-first privacy policy, and will never sell any user's personal information. LinkNYC does not collect or store any data on users' personal web browsing on their own devices. CityBridge would require a subpoena or similar lawful request before sharing any data with the NYPD or law enforcement, and we will make every effort to communicate government requests to impacted users.” This isn't saying 16

Baaria Chaudhary. "LinkNYC Privacy Issues – Full Story." NYC Tech News. 24 Aug. 2016. Web. 2 Nov. 2016.12

Kosoff, Maya. "NYC Has A New Plan To Give Everyone High-Speed WiFi ..." Business Insider. 17 Nov. 2014. Web. 7 Nov. 13

2016.

The Eleventh HOPE: LinkNYC Spy Stations. Prod. Benjamin Dean and Mariko Hirose. Livestream.com. Aug. 2016. Web. 14

03 Nov. 2016.

see note 14 — The panel on the fraudulence of the LinkNYC initiative15

see Nick Pinto’s article: Google Is Transforming NYC's Payphones Into a 'Personalized Propaganda Engine'16

PRIVATE EYE — EXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY !48

much considering the loose interpretation of personal data as defined by CityBridge’s privacy policy. There is also the fact that restating contents from the very privacy policy being questioned reassures no one. In Hirose’s letter, it was asked how low LinkNYC preserves the data it collects to which it was announced that the data retention period for the kiosks was 12 months after the user logs in . When exactly the timer 17

towards the aforementioned 12 months starts is also news to anyone. Considering 12 months is a year, it would suffice to say anything you have ever done on the kiosk has the possibility of being seen by a third party.

Here is the issue. With the above being said, one would think the city would step in and seek to regulate the kiosks and the company in charge. This is not the case. The city has yet to disclose any of this information. Think about this: There are set to be 7500 booths/kiosks through the city, with the branded goal of providing continuous service to the user (throughout the city). Imagine the amount of data these kiosks could aggregate without federal regulation. This is surprising considering New York is a city where one would need a permit simply to perform in the subway. What could be holding the city back from speaking? Perhaps the fact that it is set to receive 50% of the approximated $500 million revenue of the LinkNYC project. Though that could be wrong.

IMPACT TECHNOLOGY DIVIDE

However benevolent the notion, CityBridge’s LinkNYC project took a detour on the path to providing free municipal wifi. There are many who are unable to afford wireless internet, a fact which has not changed since the project began. If anything, the project only highlighted previous issues and increased others ,defeating its initial purpose. Whether or not sincere in their words, city officials has sough to fix communication problems and also bridge a technological gap [caused in part due to income inequality among other prevalent issues within the city], though the way in which the project was implemented left a bad taste in many New Yorkers’ mouths.

Examine the location. A project being touted for the purposes of providing a free service to those in need would usually begin implementing said service in the aforementioned areas that are in need, perhaps a low income neighborhood. Yet, the first borough to receive service was the commercialized borough of Manhattan, mainly lining the upper west side specifically. As to the placement of the kiosks within this borough, there were certain areas which somehow managed to be skimmed over during the installation phase; one of these areas being the Amsterdam Houses.

Certain demographics seemingly got the short end of the stick when it came time to receive service. Forgoing the fact that wireless internet already assumes the user has access to an updated device which supports wifi (ignores old desktops and phones), it also assumes the user would know how to operate a touch screen (assumption that the user is technologically savvy). These are minute issues at best, but still worth mentioning. The main issue came when LinkNYC decided to make adjustments to its features this year. There had been numerous complaints from residents in the commercial borough claiming that people were loitering around the kiosks, that there had been increases in crime and that the homeless has been lingering around the kiosks. Granted, there had been cases where people were using the kiosks to watch inappropriate content, but the way in which LinkNYC resolved, for lack of a better word, the issue left a 18

lot to be desired. LinkNYC simply removed specific features to ensure that their intended demographic was using them: web browsing was removed. So rather than attempt to sufficiently fix the issue by fast forwarding their projects and trying to install the kiosks in areas that would need it most, LinkNYC took heed to those already with a dollar bill to their name and appeased them. Commercialism, at least in this case, seemed to be dictating the city-scape.

SOCIAL EXPERIMENT

Waddell, Kaveh. "Will New York City’s Free Wi-Fi Help Police Watch You?" The Atlantic. Atlantic Media Company, 11 Apr. 17

2016. Web. 04 Nov. 2016.

"Free Wi-Fi Kiosks Prompt Concerns Of Potential Misuse By Homeless New Yorkers." CBS New York. 13 June 2016. 18

Web. 04 Nov. 2016.

PRIVATE EYE — EXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY !49

The idea of implementing municipal wifi to a changing public is noteworthy, but as with most projects, sometimes extra vigilance (on the part of the consumer) is necessary to ensure that the company or project is held to the promises it has made to the masses. Best exemplified by Who’s On the Ballot. Voter turnout has been low for years, especially in New York where residents for whatever reason were not coming out to vote, so the website partnered with LinkNYC in order to bring information to the people — such as polling places and information about the candidates themselves. Sometime it is necessary for outside sources to keep the kiosks (and the company in charge) in check and ensure its working for the good of the people.

Broadening the social and technology divides, albeit troubling, are far from the worst outcomes as a result of the LinkNYC initiative. There is the impending possibility of mass surveillance. There is seldom an instance where an invention neglects to surpass its intended use. Consider ARIIA from Eagle Eye and Skynet from Terminator Genysis. In Eagle Eye, ARIIA — the Autonomous Reconnaissance Intelligence Integration Analyst — a supercomputer created by the Department of Defense for intelligence gathering ends up inhabiting a mind of its own and initiating hits on government officials. Skynet of Terminator Genysis, originally created by Cyberdyne Systems Corporation for Strategic Air Command/ North American Air Defense was supposed to serve the purpose of collecting data, furthering artificial intelligence. It too, like ARIIA gained self awareness and saw humans as threats, later plotting their extinction.

In both scenarios, the technology created for the purpose of aggregating data transcended the creator’s intentions, later becoming a weapon of sorts. Though not as severe as the examples past, given the present design of the LinkNYC kiosks and the lack of regulation in regards to the data they collect, this initiative has a real chance of becoming large social surveillance experiments. Remember the cameras located on the kiosks, which CityBridge had made pains not to publicize? With three cameras per link and hundreds of links up already, there could possibly be tons of video footage being stored privately. The sensors are another source of concern as their use has yet really be specified.

Google’s connection to the kiosks tops off all of the concerns, creating two possible scenarios — both problematic. Give the company’s access to its existing users’ phone location (maps/Android Device Manager), browsing history (Chrome), history of video watches (Youtube), and in addition, possible facial recognition (photos associated with contacts and also lock screens), the idea of Google possibly having access to video footage of residents as they commute across the city and their searches for the duration of this commute is slightly unnerving.

On the one hand, there is the chance of narrowed surveillance targeted at a certain class. The idea behind LinkNYC was helping those who couldn't initially afford wireless internet was amiable until the creation of two separate networks, primarily the private network, which offered extra security but required the user to own a device running iO7. Within a free wireless network service, security comes a cost (lest we forget, this service was supposed to be generally affordable — the requirement to own a expensive device costing hundreds of dollars in order receive security while browsing seems a tad unreasonable). With this, those not able to afford expensive devices and clearly not able to afford their own wireless internet (or possibly a data plan) are forced to have their information out in the open, more susceptible to surveillance. There is a chance that this initiate to offer free wifi could end in those with lower income being policed and watched more than they already are. LinkNYC is taking advantage of a group who already have limited choices. On another hand, the kiosks’ offer a chance of a broader form of surveillance, focused more on the city’s residents in general. Video footage and sensors paired with the excessive aggregation of data (not included the kiosks’ faulty data retention period), essentially transforms residents into walking files which could be monitored.

Hopefully the situation does not reach this point.

As great as it sounds on paper, is free wifi really worth the privacy it costs?

PRIVATE EYE — EXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY !50

“When you’re not paying, you’re not the customer — you’re the product.” — Benjamin Dean

LAW AND ORDER Amendments must be made to the way in which the LinkNYC program is run or otherwise risk failure and inadvertently contributing to a pre-existing bias. The kiosk, albeit a sound (and minutely intrusive) idea, function as a parody of its former incarnation (the phone booth); taking up space, rarely being used (by the intended target) and having features dictated by a select few. Genuine success of the program is reliant on compliance with two separate features: privacy policies and city regulation.

The privacy policies bear the brunt of the security concerns, failing to address issues of brevity, data retention and product design.

Notwithstanding that there ought to be one comprehensive privacy policy for CityBridge and its product; in the event that both policies are deemed necessary, both require significant revisions. The first change to be made refers to the title. Both policies, as they to refer to products/services within the LinkNYC realm should be aptly names to reflect said connection.

The policy featured on the website only applies to the website. Those seeking to read the privacy policy, should they be inclined to, would most likely do so using the kiosks or the wireless network. Therefor, it is illogical that the privacy policy featured on the [LinkNYC] website does not pertain to the product that the company is attempting to sell to the public, not to mention misleading. The policy referring to CityBridge, its kiosks and wireless network can be found elsewhere — by googling search or a small clickable link on the policy page of LinkNYC’s website — titled Exhibit 2.

Beyond the misleading title, the policy neglects to disclose (to any degree) what data points are bing collected, the kiosks’ features and how they collect information and most importantly, where the data goes. Within the 11 sections of the privacy policy, little attention was paid to station the actual working parts of the kiosks, and sensors never received a mention (in either policy).

As to the issues with the policy’s provisions, the elimination of all iterations of “may” or “might” would suffice. As it is, much of the policy is hypothetical and the provisions regarding data aggregation are vague at best. There is little stating what the company will do with data collected and whether or not said data would be shared or sold. CityBridge will have to clarify the difference between these two as well. Under a section stating that CityBridge is not selling the user’s information is another section stating that any third party which acquires CityBridge is granted access to its information, therefor partially nullifying the previous statement.

The data retention period must also be amended. Twelve months is not only long, but unreasonable. This period ensures that data is never removed from the server, especially if the user utilized the service daily. When the countdown to the full twelve months begins is also news for the public.

Cameras, sensors and other unspecified features within the kiosks’ design pose security concerns. It is slightly incomprehensible as to how a kiosk created for the purpose of providing wireless connection necessitates the use of cameras and dozens of sensors, given the lack of disclosure and capabilities of this technology. Should the cameras be on or recording footage, the public must be notified. To those seasoned in the working of New York City, video surveillance is not a new concept. The issue if no longer surveillance, but rather, the cameras being owned by a private entity — who has yet to clarify whether or not the camera feed is registered in the domain awareness system.

The city bears a fair amount of blame for any data exploitation at the hands of CityBridge as its lack of regulation has encouraged the company to continue to do so. In an attempt to pad their wallets and the city’s bottom line, officials have taken a blind eye. The city itself is set to receive millions in revenue from the LinkNYC network. When the privacy policy was questioned by a representative of the ACLU (American Civil Liberties Union), a city hall member was quick to state that there would be no answer to the inquiry. The city needs to step up and take some responsibility.

What would you trade for a wireless connection?

PRIVATE EYE — EXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY !51

WORKS CITED

Baaria Chaudhary. "LinkNYC Privacy Issues – Full Story." NYC Tech News. 24 Aug. 2016. Web. 2 Nov. 2016.

Bonazzo, John. "This Site Wants to Reverse New York City’s Low Voter Turnout." Observer. 31 Oct. 2016. Web. 2 Nov. 2016.

Buckley, Sean. "Build a Better Payphone: NYC Hosts Public Design Challenge to Reinvent Public Telephones." Engadget. 08 Dec. 2012. Web. 04 Nov. 2016.

"De Blasio Administration Announces Winner of Competition to Replace Payphones." The Official Website of the City of New York. 17 Nov. 2014. Web. 4 Nov. 2016.

The Eleventh HOPE: LinkNYC Spy Stations. Prod. Benjamin Dean and Mariko Hirose. Livestream.com. Aug. 2016. Web. 03 Nov. 2016.

"Free Wi-Fi Kiosks Prompt Concerns Of Potential Misuse By Homeless New Yorkers." CBS New York. 13 June 2016. Web. 04 Nov. 2016.

Kosoff, Maya. "NYC Has A New Plan To Give Everyone High-Speed WiFi ..." Business Insider. 17 Nov. 2014. Web. 7 Nov. 2016.

Leon, Alexandra. "Dozens of LinkNYC Kiosks Landing in Brooklyn by End of the Year - Downtown Brooklyn - DNAinfo New York." DNAinfo New York. N.p., 19 Oct. 2016. Web. 2 Nov. 2016.

Marcius, Chelsia, Kerry Burke, and Jennifer Fermino. "LinkNYC Kiosks Still Concern for Locals Even without Web Browsing." NY Daily News. N.p., 15 Sept. 2016. Web. 2 Nov. 2016.

Myles Miller. "Carnegie Hill Residents Share Concerns over LinkNYC Kiosks." New York’s PIX11 WPIXTV. 11 July 2016. Web. 2 Nov. 2016.

Patrick Mcgeehan. "Free Wi-Fi Kiosks Were to Aid New Yorkers. An Unsavory Side Has Spurred a Retreat." New York Times. 14 Sept. 2016. Web. 02 Nov. 2016.

Pinto, Nick. "Google Is Transforming NYC's Payphones Into a 'Personalized Propaganda Engine’" Village Voice. 06 July 2016. Web. 03 Nov. 2016.

Ranj, Brandt. "We Tested out the New Free WiFi Hotspots in New York City ..." Business Insiders. 19 Jan. 2016. Web. 7 Nov. 2016.

"Reinvent Payphones." Splash. Web. 07 Nov. 2016.

Shieber, Jonathan. "NYC Launches Free Gigabit Speed Wi-Fi Network." TechCrunch.17 Nov. 2014. Web. 2 Nov. 2016.

PRIVATE EYE — EXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY !52

Vanhemert, Kyle. "NYC’s New Pay Phones Will Provide Super-Fast Wi-Fi—And Super-Smart Ads." Wired.com. Conde Nast Digital, 19 Nov. 2014. Web. 2 Nov. 2016.

Waddell, Kaveh. "Will New York City’s Free Wi-Fi Help Police Watch You?" The Atlantic. Atlantic Media Company, 11 Apr. 2016. Web. 04 Nov. 2016.

PRIVATE EYE — EXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY !53

"Benefits of Encryption." Benefits Of. 26 Apr. 2011. Web. 23 Oct. 2016. <http://benefitof.net/benefits-of-encryption/>.

Crocker, Andrew, and Jeremy Gillula. "Why 2015 Is the Year of Encryption.” Gigaom. 28 Feb. 2015. Web. 23 Oct. 2016.

Kang, Cecilia. "Ron Wyden Discusses Encryption, Data Privacy and Security." The New York Times. The New York Times, 09 Oct. 2016. Web. 23 Oct. 2016.

Nakashima, Ellen, and Barton Gellman. "As Encryption Spreads, U.S. Grapples with Clash between Privacy, Security." Washington Post. The Washington Post, 10 Apr. 2015. Web. 23 Oct. 2016.

Scott, Mark. "American Tech Giants Face Fight in Europe Over Encrypted Data." The New York Times. N.p., 27 Mar. 2016. Web. 23 Oct. 2016. <http://nyti.ms/1RIcauW>.

"What Is Encryption?" SearchSecurity. Web. 23 Oct. 2016.

Baaria Chaudhary. "LinkNYC Privacy Issues – Full Story." NYC Tech News. 24 Aug. 2016. Web. 2 Nov. 2016.

Bonazzo, John. "This Site Wants to Reverse New York City’s Low Voter Turnout." Observer. 31 Oct. 2016. Web. 2 Nov. 2016.

Buckley, Sean. "Build a Better Payphone: NYC Hosts Public Design Challenge to Reinvent Public Telephones." Engadget. 08 Dec. 2012. Web. 04 Nov. 2016.

"De Blasio Administration Announces Winner of Competition to Replace Payphones." The Official Website of the City of New York. 17 Nov. 2014. Web. 4 Nov. 2016.

The Eleventh HOPE: LinkNYC Spy Stations. Prod. Benjamin Dean and Mariko Hirose. Livestream.com. Aug. 2016. Web. 03 Nov. 2016.

"Free Wi-Fi Kiosks Prompt Concerns Of Potential Misuse By Homeless New Yorkers." CBS New York.13 June 2016. Web. 04 Nov. 2016.

Kosoff, Maya. "NYC Has A New Plan To Give Everyone High-Speed WiFi ..." Business Insider. 17 Nov. 2014. Web. 7 Nov. 2016.

Leon, Alexandra. "Dozens of LinkNYC Kiosks Landing in Brooklyn by End of the Year - Downtown Brooklyn - DNAinfo New York." DNAinfo New York. N.p., 19 Oct. 2016. Web. 2 Nov. 2016.

Marcius, Chelsia, Kerry Burke, and Jennifer Fermino. "LinkNYC Kiosks Still Concern for Locals Even without Web Browsing." NY Daily News. N.p., 15 Sept. 2016. Web. 2 Nov. 2016.

Myles Miller. "Carnegie Hill Residents Share Concerns over LinkNYC Kiosks." New York’s PIX11 WPIXTV. 11 July 2016. Web. 2 Nov. 2016.

Patrick Mcgeehan. "Free Wi-Fi Kiosks Were to Aid New Yorkers. An Unsavory Side Has Spurred a Retreat." New York Times. 14 Sept. 2016. Web. 02 Nov. 2016.

PRIVATE EYE — EXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY !54

T H E S O U R C E

Pinto, Nick. "Google Is Transforming NYC's Payphones Into a 'Personalized Propaganda Engine’” Village Voice. 06 July 2016. Web. 03 Nov. 2016.

Ranj, Brandt. "We Tested out the New Free WiFi Hotspots in New York City ..." Business Insiders.19 Jan. 2016. Web. 7 Nov. 2016.

"Reinvent Payphones." Splash. Web. 07 Nov. 2016.

Shieber, Jonathan. "NYC Launches Free Gigabit Speed Wi-Fi Network." TechCrunch.17 Nov. 2014. Web. 2 Nov. 2016.

Vanhemert, Kyle. "NYC’s New Pay Phones Will Provide Super-Fast Wi-Fi—And Super-Smart Ads." Wired.com. Conde Nast Digital, 19 Nov. 2014. Web. 2 Nov. 2016.

Waddell, Kaveh. "Will New York City’s Free Wi-Fi Help Police Watch You?" The Atlantic. Atlantic Media Company, 11 Apr. 2016. Web. 04 Nov. 2016.

PRIVATE EYE — EXPLORING THE CHANGING REALM OF PRIVACY AND SURVEILLANCE IN CONJUNCTION WITH MODERN DAY TECHNOLOGY !55