After 60 Minutes broke Amazon’s ambitious plan for a drone-based delivery system, all sorts of hell broke loose in the bloggershpere.
Some raised alarm over safety issues and compiled photo slideshows of gnarly hobby drone accidents, with flesh and fingers and noses sliced and mangled by drone props. Others worried about the threat to privacy posed by swarms of flying Amazon delivery drones. And plenty of commentators called into question the viability of the drone technology altogether, with most agreeing that Amazon’s drone announcement was little more than a cynical PR stunt designed to draw Black Friday attention away from criticism of Amazon’s working conditions.
But for all the cynicism, there were plenty of people cheering the coming Amazon drone army, too. And the funny thing about these boosters: many of them were the same people who’ve been the loudest critics of domestic drone use by the government. People for whom government drones represented the final step on the slippery slope to 1984… but private sector drones? Hell, open the gates and let them swarm! What could go wrong? Just make sure to keep pesky government regulators out of the way!
Eli Dourado, a research fellow at the Mercatus Center, which is part of the same sprawling advocacy complex that pushed and backed Senator Rand Paul’s anti-drone filibuster in March, got all mystical as he talked about “the promise” of Amazon’s drone scheme . He also sounded a warning about government intervention, warning that “preemptive rulemaking” would snuff out “private sector innovation.”
Buzz Brockway, a liberty minded Republican State Representative from Georgia who’s at the forefront of the fight to outlaw government drone use in his home state, gave Amazon drones a five star review and warned about regulating drone use. He pointed out that at a recent meeting of the American Legislative Exchange Council, the rightwing legislation mill that’s responsible for churning out “Stand Your Ground” vigilante laws that resulted in Trayvon Martin’s murder, both the Koch-funded Cato Institute and American Civil Liberties Union agreed: government drones are the problem; private sector drones are the solution.
Yep, the ACLU. The civil liberties advocacy group might be at the forefront of the fight to limit and regulate domestic drone use by the government…. but as far Amazon’s private sector drones are concerned? Well, let’s not get too hasty.
In a statement issued a day after Amazon announced its drone program, ACLU vaguely referred to the need for some kind of “solid drone privacy protections” but ultimately said it trusted — or rather, “hoped” — that the company would do the right thing:
“We presume that Amazon is interested in delivery, not surveillance … Let’s hope that the company will see clearly that the fate of this technology is inextricably tied to the privacy questions that surround it, and help us push to lay those questions to rest.”
Protecting people’s privacy rights from a voracious and ubiquitous mega-corporation that feeds on people’s personal data with “hope” and industry self-regulation? Sounds okay if it was coming from President Barack Obama, but it comes off as dangerously naive coming form the oldest, most respected civil liberties organization in the country.
I mean, geez, there are so many self-regulatory success stories, from food packing salmonella epidemics to market-regulated Uber drivers to the exotic unregulated derivatives that crashed the world economy back in 2007.
You don’t have to look far to see just how spectacularly self-regulation can fail to protect the public’s right to privacy posed by intrusive technologies.
Take Google’s Street View program — perhaps no other recent new tech so clearly demonstrates just how much a threat to our privacy that Amazon’s drone program has the potential to be.
Google started rolling out its Street View mapping project in 2007. Its aim: to create a three-dimensional virtual reality road atlas of the entire world that could be fully traversed and explored by Internet users.
Google spent a lot of effort designing the technology, creating software and designing specialized Street View cars equipped with GPS units, lasers, sophisticated roof-mounted panoramic cameras and loads of gee-whiz tracking and imaging gear.
Something had never before been attempted on such a massive scale by a private company, especially a company like Google — the largest data collection companies in the world and a gateway for a huge amount of internet and email traffic.
At the time, Street View seemed incredibly futuristic, and had the feel of crackpot personal project of a nerd who had way too money to play with. Herbie goes to Silicon Valley! Why would Google want to create photographic virtual map of the known world? What would Google do with this information? Whatever it was, it’d likely be pretty cool!
The backlash didn’t take long. Pretty soon people freaked out as Street View cars started taking pictures through their windows and capturing photos of people in compromising and sensitive situations. Others worried that the software was going to be used by stalkers and bullies to do recon and surveillance on hapless victims. The outrage threatened to turn into scandal, and Google quickly moved to placate critics. To demonstrate that it took privacy concerns extremely seriously, the company added algorithms that blurred and blocked out identifying info, including people’s faces and license plate numbers. Meanwhile, Google reps hit the PR circuit, downplaying people’s privacy concerns and reassuring everyone that privacy is of the utmost importance to the company.
And it worked. Google, the largest private data collection company in the U.S., was allowed to deploy a fleet of cars equipped with battery of sophisticated surveillance equipment without oversight or regulation of any kind.
Well, we know how that turned out.
After a series of investigations in the U.S. and Europe, we learned that Google had been engaging in a covert — and certainly illegal — espionage operation on a global scale, siphoning loads of personally identifiable data from people’s Wi-Fi connections all across the world. Emails, medical records, love notes, passwords, the whole works — anything that wasn’t encrypted was fair game. It was all part of the original program design: Google had equipped its Street View cars with surveillance gear designed to intercept and vacuum up all the wireless network communication data that crossed their path.
Here’s how the Electronic Privacy Information Center, one of the only tech privacy advocacy outfits in the United States to investigate Google Street View violations, described Google’s mass surveillance operation:
Using hidden Internet receivers Google “Street View” vehicles also collected a vast amount of data from users of private Wi-Fi networks in homes and businesses. Google collected MAC addresses (the unique device ID for Wi-Fi hotspots), network SSIDs (the user-assigned network ID name) tied to location information for private wireless networks, and Wi-Fi “payload” data, which included emails, passwords, usernames and website URLs.
Privacy and law enforcement agencies around the world investigated Google’s conduct. Data protection authorities in France, South Korea, New Zealand, the United Kingdom, Canada, and Spain found that Google’s Wi-Fi interception violated applicable data protection laws. The Privacy Commissioner of Canada determined that Google violated Canadian data protection law by secretly intercepting “full names, telephone numbers, and addresses of many Canadians . . . . complete email messages, along with email headers, IP addresses, machine hostnames, and the contents of cookies, instant messages and chat sessions.”
As FCC regulators struggled to get a handle on Google’s mass surveillance program, the company used every corporate crisis management trick in the book to avoid scrutiny. It issued a series of shifting denials that its Street View cars collected wireless transmissions, ignored requests for documents, misled investigators about the extent of its data collection and, in a last ditch effort, tried shifting the blame for the whole thing on a single Google engineer. The company claimed that this employee had gone rogue, building and deploying the Wi-Fi surveillance feature without approval of his superiors.
In the end, FCC investigators obtained documents and internal correspondence showing without a doubt that upper management knew about and signed off on Street View’s wiretapping capabilities. And even more disturbing: the FCC obtained emails showing Google had been analyzing and integrating the data that it had intercepted.
Even with all this damming information the FCC uncovered, its investigation remained maddeningly superficial. The agency treated Google with deference, gave them the benefit of the doubt and, most alarmingly, did not even try analyze the data Google had intercepted, instead relying on the information dug up by European regulators. And so despite all the digging and the effort put into investigation the company, we still don’t know the full extent and nature of the Street View program.
EPIC was baffled by the FCC’s behavior, pointing out that “by the agency’s own admission, the investigation conducted was inadequate and did not address the applicability of federal wiretapping law to Google’s interception of emails, usernames, passwords, browsing histories, and other personal information.”
In 2012, the FCC concluded its investigation without charging Google with criminal wrongdoing. The agencies excuse: that current federal statutes governing interception of wireless communication — the Wiretap Act and the Communications Act — were too vague and lacked precedent to be applied to Wi-Fi connections. In the end, FCC only sanctioned Google for obstructing the agency’s investigation, fined the company $25,000 and let the matter drop. A year later, Google settled a multi-state lawsuit for a measly $7 million for vacuuming up people’s private wireless traffic.
Right now another lawsuit against Street View is winding its way through courts.
All in all, though, the penalties were chump change for a company that make $16.43 billion in profit in 2012. And the Google brand — its image and credibility with the public — came out totally unscathed. Few Google users are even aware of the Street View surveillance scandal.
And the most troubling part of the story: we would have never found out about any of this, if it hadn’t been for a few persistent German regulators, who hounded Google and forced it to disclose its internal Street View documentation. Without them, Google would still be spying on our internet traffic, and we’d be none the wiser.
Google’s Street View program showed the dangers of allowing seemingly benevolent technology companies to deploy powerful surveillance technology in public spaces with zero oversight. It also showed how little power the average person has against a giant company like Google, how little protection or recourse we have.
Which brings me to the American Civil Liberties Union and its surprisingly casual take on Amazon drones.
Amazon — like Google — is a company that runs entirely on data. And the danger of Amazon drones is even great than Google’s Street View cars because, well, because they’re in the fucking sky. And yet the ACLU’s position is that government drones are always bad, while free-market drones are probably OK as long as the companies involved promise to behave.
This is not a new position for the ACLU. In 2012, the group criticized Idaho’s anti-drone legislation for heavily regulating private drones, arguing that states should craft drone legislation that is “squarely focused on law enforcement use … and is silent on private use.” In May 2013, ACLU’s legislative counsel Christopher R. Calabrese reiterated his organization’s position against private sector drone regulations. In testimony before the House Judiciary Committee, Calabrese endorsed proposed legislation that would regulate government drones, while leaving private sector drones almost untouched. Time and time again, the ACLU has argued for passing tough regulations on government drones while leaving the private sector free to self-regulate.
The ACLU’s casual attitude on private drones is beyond puzzling. Given the proliferation of private security contractors and the increasing outsourcing of the most sensitive intelligence work to private companies, it’s clear that private drones can pose just as much of a risk as government drones. In his great book “Spies For Hire,” Tim Shorrock points out that by 2006, at least 70 percent of our national intelligence budget was being funneled towards private contractors. Shorrock obtained a PowerPoint presentation on private contracting prepared by the Office of National Intelligence which put it straight: “We can’t spy . . . If we can’t buy.” If anything, given that the private sector is structured to be less transparent and less accountable to the public than even the most secretive government agencies, private drones pose an even greater risk.
The rightwing business lobby has been ramping up efforts to fight state laws regulating private drone use.
Well, as Truth Out recently noted, many of drone laws working their way through state legislatures across the country that would require police to obtain warrants for drone surveillance lack any restrictions on data sharing between government agencies and commercial drone companies. Placing restrictions on government drones while leaving commercial drones use wide open and unrestricted would only incentivize government agencies to outsource their drone business. What could be better for military and intelligence contractors?
And speaking of contractors sharing data with the big bad security state… Amazon recently signed a lucrative 10-year deal with the CIA worth $600 million to provide the agency with ultra-secure cloud storage. Maybe when Jeff Bezos gets his drone delivery army up and running, he can offer the those friendly spooks a bundled surveillance package: cloud storage + drone surveillance + free 30-minute local delivery. Up next on 60 Minutes: Amazon announces the launch of CIA Prime™
[Original image via Thinkstock]