Much of everyday surveillance is embedded seamlessly, nearly unrecognizably, within the gadgets and settings to which we have become accustomed as essential to modern living. The trend toward ubiquitous surveillance is enabled, in part, by placing sensors, identifiers, and cameras in everyday objects and the built environment. What once was done at specific locations or using specific devices has become a general feature of the vehicles, streets, homes, and workplaces with which we interact daily. We use cellphones to keep in touch with family and friends without thinking about the fact that we are letting the phone company know exactly where we are at all times. We browse through pictures of ourselves on Facebook without considering that Facebook is now the largest facial recognition software developer in the world; it can identify us in photos whether or not we are tagged. And digital cameras can embed both a time/date and GPS location stamp on every picture we take.
This embedding of surveillance capabilities into familiar devices and everyday environments is an ongoing trend, closely linked to both the general expansion of surveillance and the more recent expansion of mobile and location-based surveillance, two themes examined in earlier chapters. The rapid pace of technological change in digital networking and related technologies is the most obvious driver of the embedding process. Not only are the capabilities of digital sensing, recording, transmission, and processing devices growing, but such devices are also becoming cheaper and smaller on a unit basis. In sharp contrast to the expansion of cars in the early part of the twentieth century, when vehicles, roadways, and other aspects of the supporting infrastructures became highly visible in everyday settings, the even more extensive and rapid expansion of digital networking is occurring largely out of view. Although we can see people using their smartphones, laptops, and related devices, the devices themselves are just the tip of an enormous iceberg, with the bulk of the hardware invisible behind walls or underground and with the buzzing activity extending nearly everywhere via radio waves.1
As we have embraced these technologies, we have also embedded surveillance into our taken-for-granted understandings of the worlds we inhabit. Surveillance is now spoken of as a normal part of parenting, work, and travel, and many of us routinely watch others and allow ourselves to be watched as we go about our day, without thinking twice about it. Such embedding makes it difficult for us to identify, understand, debate, and democratically regulate surveillance practices as they become woven into the fabric of con- temporary life.
To help us visualize and understand the surveillance around us, and to facilitate discussion, it is useful to distinguish between two distinct approaches to embedded surveillance. In the first, surveillance is the central purpose for developing new modes of capturing personal information. In the second, surveillance capabilities are introduced as an add-on to an existing activity: this approach relies on personal information that is collected as an inherent part of the initial activity or is easily generated as a by-product of it. Video surveillance cameras are an example of the former, more recognizable mode of surveillance, while incorporating keystroke monitoring in an office setting or intercepting traffic on the Internet backbone are examples of the latter. The “surveillance as add-on” approach is more widespread and more difficult to recognize. As the following discussion illustrates, in both cases, the embedded character of surveillance makes it hard to detect and thereby difficult to hold those responsible to account.
Surveillance as Central: Special Purpose Surveillance
The most obvious example of the unobtrusive embedding of devices designed specifically for surveillance purposes into our daily environment is the extraordinary growth of various types of camera surveillance. Most of this growth takes the form of surveillance cameras deployed on city streets and in shopping centres for security purposes. Indeed, the surveillance camera is probably the most familiar symbol of surveillance.
Although the United Kingdom has long been the recognized leader in the adoption of surveillance cameras, Canada is similarly moving toward making this form of monitoring a ubiquitous feature of contemporary urban life.2 Surveillance cameras are, for instance, becoming common along road- ways, where they are used to spot drivers speeding or going through red lights. Taxicabs in major cities are fitted with cameras that record the face of every passenger. In these examples, stored images are normally examined only when there is evidence of an infraction or incident.
Even though such cameras are among the most visible indicators of explicit surveillance, people are largely unaware of their presence.3 Even though businesses are required by Canadian law to post signs notifying people of the presence of video surveillance, a 2011 study found that only one-third of sampled commercial installations had any form of signage and that when such signs were posted, they were often designed and positioned so as not to be noticed.4 Furthermore, the wording of the signs consistently failed to meet even the minimum notification requirements specified by Canadian privacy law.
A more sophisticated and privacy-sensitive application of visual surveillance is the growing use of automated licence plate recognition (ALPR) systems on roadways and in parking lots. Such systems use optical character recognition (OCR) techniques to capture licence plate numbers; the plate numbers are then compared against lists containing the licence plate numbers of cars that police are looking for or are stored in databases for later use. ALPR devices are also mounted on structures above highways to collect tolls, flag suspects, or track the movements of “persons of interest.” Police use ALPR-equipped cars to scan parking lots and highways in search of vehicles that match their watch lists. They may ticket or apprehend drivers on the spot.
Surveillance as an Add-on: Transactional Surveillance
Although businesses and government agencies are rapidly embedding special purpose surveillance devices into our built environment, the surveillance capabilities that have been added into the familiar devices and transactions originally developed for other purposes are much less visible and far greater in scope, intensity, and consequence. In the past decade, as much of our everyday financial and social transactions have moved from corporate-owned, special-purpose, immobile devices—such as automated teller machines (ATMs) and point of sale (POS) terminals—to individually owned, multipurpose mobile devices—notably, smartphones—surveillance capabilities have been embedded in these as well. The News of the World phone-hacking scandal in the United Kingdom, in which reporters intercepted the voicemails of thousands of individuals, highlights the potential for conducting transaction surveillance via the telecommunications networks on which mobile devices rely.5 Below, we briefly explore a number of examples where surveillance is embedded in our everyday objects.
“Enhancing” ID for Surveillance
Another example of how surveillance has been unobtrusively embedded in familiar and uniquely personal items includes the recent digital “enhancement” of our identification documents. ID is central to contemporary life: we are increasingly required to present identification documents when we shop, enter buildings or other spaces, board transit vehicles, cross borders, and so on. The ID documents that we use are most often standardized plastic cards that slide smoothly into designated places in our wallets and purses. People are accustomed to presenting such cards or other ID documents for a quick visual inspection by an authorized employee before being allowed to proceed.
"Deep” Internet Surveillance
A third major issue concerning embedded surveillance that has emerged since 2000 is the interception and inspection of Internet traffic. Most public attention and controversy over Internet surveillance has focused on the surveillance at the “edges” of the Internet. On the user or client side of the Internet, the capture of data by surveillance software modules embedded within browsers (e.g., cookies and “web bugs”) has been controversial since the 1990s, and more recently, such software embedded in personal mobile devices (e.g., location tracking on iPhones and Android smartphones) has raised similar concerns.6 Similarly, on the server side, there are ongoing debates about the covert access to such communications as emails and social network posts that are held by Google, Facebook, Microsoft, and other major service providers.
With the extraordinary expansion of online services over the past decade, especially social networking applications, people around the globe have voluntarily, even enthusiastically, contributed enormous volumes of often highly personal information to corporate databases. Accessing this trove of fine-grained data—typically used for advertising or sold to third parties for commercial purposes—is a key feature of the business model of the corporations involved. This poses obvious privacy risks, but consumers, so far, have been willing to put up with this, whether because of a lack of knowledge or because they enjoy the convenience and immediate rewards of the services offered. These databases, and their promise of rich insights into the activities and attitudes of a significant portion of the population, have proved very attractive to state security and law enforcement agencies.
Incorporating surveillance capabilities in both the client and server devices at the edges of the Internet is controversial, but it is deep within its “backbone” where the most alarming forms of Internet surveillance are being secretly embedded. Giant routers, housed in unobtrusive office towers in the cores of our major cities, switch billions of data packets every second between fibre-optic cables speeding our Internet traffic to its designated destinations. Over the past decade, governments and corporations have installed equipment that intercepts, analyzes, and selectively stores the traffic passing through these vital switches, or Internet exchange points (IXPs). Given the great and growing range of activity that is conducted via the Internet, the ability to surreptitiously monitor all the personal traffic of hundreds of millions of individuals is breathtaking in its potential ramifications.
These examples, along with other trends (such as legislative changes) that condition how authorities can access digital communication illustrates several important points about the current state of Internet surveillance in Canada:
Surveillance practices pose significant challenges to privacy and other civil liberties. The embedding trend heightens these concerns in particular ways—notably, by making surveillance less and less visible even as it grows more and more commonplace. Because these practices are rarely visible from the outside and are usually bundled up with the other more legitimate activities on which they depend, it is extremely difficult to ensure the openness and transparency necessary to making those who carry out surveillance democratically accountable. Although Canadian privacy laws require organizations conducting such surveillance to bear the primary responsibility for making their practices publicly accessible, how is anybody to know whether or not they are doing this? It usually takes a highly publicized breach and a subsequent in-depth investigation to bring surveillance abuses to light. And, by that time, such violations are often a widespread industry practice and hard to remedy after the fact. Read the full trend in the free download of the Transparent Lives: Surveillance in Canada book.