Hi everyone, I hope you all are still managing to stay safe and healthy out there. A little programming note here. You may have noticed that there have been fewer newsletters going out the past few weeks. The current pandemic has made times tough for everyone, and I’ve certainly felt that recently. While I do plan to start writing here more frequently, I may also do some experimenting. I’m currently considering doing one newsletter per week, and then an additional newsletter available only for paid subscribers. That’s all subject to change though, so we’ll see.
Would you prefer receiving two newsletters per week? Is there a particular day of the week when you would prefer to receiver this newsletter? I would love to know your answers to these questions, and any other suggestions you may have to help me improve. As always, you can email me at mack.degeuring@gmail.com or message me on Twitter @mackdegeurin. For those of you who are paid subscribers, thank you so much, y’all are the reason why this is still being produced weekly.
Alright, with that throat-clearing out of the way, let’s jump into it.
Today’s Big Story
The New Era of Workplace Surveillance
So far, this newsletter has spent a good amount of time parsing through the multitude of ways state movements and multinational corporations are engaging in full time, always-on surveillance. But there’s another spy that’s least discussed: your boss.
Odds are if you work in a profession where you spend most of your time hunkered down behind a keyboard, your communications and daily workflow might not be as private as you once thought. For years, reports have swirled around of companies using spyware to monitor their workers’ computers and messages.
Slack, for instance, which is used by millions (including most major news organizations) for internal company communications, has a feature where employers can view supposedly “private” direct messages. Zoom, which has seen an explosion of users since the coronavirus once had a feature called “attention tracking” which allowed meeting hosts to see if attendees navigated away from the app for more than 30 seconds. (Zoom has since disabled the feature following a flood of recent privacy scandals).
While this type of workday surveillance is most common in white-collar, internet-based jobs, there are exceptions. The most notable exception here is Amazon, which requires each of its warehouse workers to wear wristbands that track their movements around a fulfillment center and uses vibrations to nudge them into certain directions.
All of these cases are concerning but seemed, for the most part, like anomalous outliers. Now, thanks to the coronavirus that might be changing.
With millions forced to work from home in the US alone, managers and bosses have suddenly found themselves unable to subtly peek behind their worker’s computers to makes sure they aren’t on Facebook or Reddit. That supposedly could lead to lost productivity and thus lost revenue. Smelling a profit, surveillance companies have quickly jumped in to offer solutions.
According to a recent article in The Wall Street Journal, companies across a range of sectors are seeking out technology to track the online movements of its workers. Some, like PricewaterhouseCoopers LLP are developing phone apps that can trace the content of workers' interactions. According to the Journal article, over 50 major institutions, which includes “some of the nation’s biggest banks, manufacturers,” have already expressed interest in the technology.
To get a better sense of exactly what that would look like, New York Times writer Adam Satariano downloaded a spyware product from Hubstaff and agreed to have his editor monitor him for several weeks. In practice, the Hubstaff product, like many others, works by periodically snapping screenshots of a worker’s computer every few minutes. Those screenshots are logged and can be viewed by the employer later to see what websites the worker was browsing during a workday. In addition to the screenshots, Hubstaff tracked the writer’s geolocation data and mapped out everywhere he went.
All this can lead to some unwelcome surprises. That happened to Satariano when the app snapped a picture of him while he was completing an at-home exercise video. While that example might be embarrassing, it has potentially severe privacy implications. What happens, say if the app happens to take a screenshot while the worker is reviewing their banking details? What if it captures a scandalous text or email?
According to the company founder, Dave Negot, none of that should concern people because privacy is dead.
“The world is changing,” Nevogt told the Times. “Workers know they are being watched, so it does not violate privacy.”
Then, on the physical side of things, there are a whole host of companies working to track people when they do end up going back to work. Companies like Smartvid.io Inc. and Drishti Technologies Inc. for example, are reportedly using artificial intelligence to monitor construction sites and other population-dense workplaces to enforce social distancing. Interpublic, an ad agency employing over 9,000 people in New York, is reportedly assigning “threat levels” to its employees to determine who gets to come back to work first.
Others, like Landing AI are using artificial intelligence to analyze workplace security cameras and send out alerts if it detects people are not following social distancing. A recent Slate article highlighted companies like CenTrak and SwipeSense which are developing RFID enabled lanyards that purport to track which rooms workers enter and whether or not they have washed their hands.
In addition to software that monitors workers’ computer’s larger companies are also investing in large scale temperature scanners to snuff out potentially sick people before they ever enter an office building.
Feevr, which creates temperature scanners is reportedly working on a facial recognition app that people can use to scan themselves. If the image detects that they don't have a fever, then they can skip ahead of a thermal image line at an office.
Then there is the wealth of contact tracing apps being developed by governments and private companies. While this newsletter has pointed out the low adoption rates of these apps thus far, many companies, according to the Slate article, may make the downloading of these apps mandatory for them to return to the work.
Whether or not you have reservations about Apple and Google’s new contact tracing technology for example, you may have to set those aside if you want to go to work.
That, in turn, produces the downstream effect of increasing the adoption rate for these technologies and potentially making them more effective. (Studies have found that digital contact tracing apps are only effective if more than 60 percent of a population downloads it.)
While all of these measures are being justified through the lens of a coronavirus emergency, privacy advocates worry this type of tracking will simply become the new normal. Jason M. Schultz, professor of clinical law at New York University echoed that concern in the Wall Street Journal article.
“Employers don’t really have any incentives to remove surveillance once they install it,” he said.
Anyone who feels uncomfortable with these new measures will likely not have any choice. Unlike other countries, the majority of American workers have little to no privacy rights in the workplace
Here’s Natalie Chyi of Slate explaining the point:
“For example, there are few federal restrictions on employers’ collection and use of workers’ GPS data or other device data, and employers have full rights to any employer-owned equipment, including devices like laptops and phones or accounts on communication channels like email or Slack. Estimote [a source in the story] calls its technology ‘less invasive’ because information is shared ‘only with your employer’—but how much of this information should employers have, especially without clear safeguards that the data will not be repurposed or used unfairly?”
Workers who do announce their opposition to such surveillance face an uphill battle. Labor unions protecting workers’ rights have been choked into submission over the course of the last half-century. For those that remain, there are fears that corporate bosses could be monitoring any attempts to organize, a sentiment expressed by some Instacart delivery drivers in a recent OneZero article.
Their fears are not unfounded. Amazon, which has arguably the worst reputation towards unions of any major corporation, reportedly created heat maps of all of its Whole Foods locations around the country using statistics on income and race to determine which locations might be most likely to form a union (and cause trouble). Other older established unions like United Electrical, Radio, and Machine Workers of America have also expressed concerns over bosses monitoring employees’ emails and others at work communications. As the OneZero article notes, data from the American Management Association, a professional development nonprofit, shows that 66% of companies monitor employee internet use, 45% log keystrokes, and 43% track emails.
Many of the surveillance products outlined above have also been suggested in some form by state governments around the world who have the tall task of finding ways to reopen economies safely. While privacy advocates have managed to push back against some of the most invasive surveillance systems posed by governments in the wake of the pandemic, workers have less latitude.
When posed with the choice of submitting to new surveillance or losing one’s job, it’s unlikely many will choose the latter. That leaves open the possibility of a surge in a new surveillance culture brought on, not by formal government decree, but instead on the individual worker level.
Like what you’ve read so far? If so, please consider becoming a paid subscriber for $5 per month.
If that’s too much commitment, no worries. You can also support the newsletter by making a one-time Venmo donation to @Mack-DeGeurin to help keep this content coming.
***The Limitations of Fever Detectors for Business***
With business all around the world looking to open their doors once again, many are searching for technological solutions to limit thier exposure to the coronavirus. One of the most popular of those solutions is thermal cameras that could potentially detect whether or not someone attempting to enter the store has a fever.
As Drew Harwell reports in The Washington Post though, this is a far from a perfect solution. For one thing, many different things can set off thermal cameras that are unrelated to fevers. Overweight people, those with underlying health conditions, or people with hot flashes can all potentially trigger the system.
On the other end of the spectrum, it has been widely reported that a significant proportion of people infected with the coronavirus never actually have a fever themselves. Some estimates suggest that as much as 25% of all people infected with the coronavirus show no symptoms whatsoever.
Drew Harwell, The Washington Post
***NSO Group in America***
Israel surveillance company NSO groups is reportedly pitching its spyware to American police. The company, which is best known for selling spyware that can supposedly monitor texts and phone calls to authoritarian governments around the world, has spent the past few years attempting to clean up its image by striking deals with more “democratic” governments. So far, the US government has largely remained off the company’s client list, but a new Vice report proves they are trying to change that.
Brochure documents obtained by Vice show how the company is attempting to sell a new surveillance technology dubbed, Phantom, to police forces in San Diego which it claims can “Turn your target's smartphone into an intelligence gold mine.”
While there’s no evidence the named police forced purchased the technology, during a phone call with NSO Group, San Diego Police Sergeant David Meyer reportedly said the system, “sounds awesome,” according to emails viewed by Vice.
***Corona Contact tracing pervs***
A New Zealand woman says she feels, “shaken and vulnerable,” after Subway restaurant worker was able to use her coronavirus tracking information to contact her and flirt with her. The woman, who was identified by Newshub simply as “Jess” offered up her personal information to an employee as required by the nation’s new coronavirus contact tracing system. Business are supposed to act as “custodians” of that information, but one employee decided he’d use that information to try and get a date. The employee, according to Newshub, has since been suspended.
The specific personal information required by contact tracing systems around the world differs greatly between countries. How countered collect that information and with what degree of privacy they regulate it also varies, so Jess’ examples does not necessarily apply to someone using a tracing system in the United States or Europe, however, it does serve as a reminder that supposedly anonymous information isn’t’ always that anonymous. In New Zealand, citizens link Jess are reportedly required to submit thier names, email, and home addresses and phone numbers.
***Anonymous Fashion***
Here’s Gunseli Yalcinkaya explaining just how the shirt works:
“Normally, surveillance algorithms work by recognising a characteristic in an image, drawing a ‘bounding box’ around it, and assigning a label to that object. To interrupt this, the t-shirt uses colourful, pixelated patterns to confuse the technology into thinking you don’t exist. In other words, the clusters of pixels are placed to confuse the AI’s classification and labelling system, making it harder for it to map out your facial features.”
While it might not be the trendiest looking shirt, the research is just one of a niche but growing assortment of wearables aimed to take on surveillance tech. If surveillance does become the norm, you may expect to see more of these types of solutions become commonplace.
***UK Predictive Policing***
A new report allegedly shows that several UK police departments have adopted and implement facial recognition technology and predict policing systems without first attaining public approval. As reported in Verdict, government documents show both South Wales and Met Police actively use facial recognition in policing but only South Wales had left the changes up for public consideration.
The British public remains strongly divided over the efficacy of facial recognition with about 49% of people saying the identification system makes them feel uncomfortable, according to a survey cited in the article.
Long Reads/Food for Thought
Why contact tracing comes with a cyber security price tag
By Laurie Clarke for the New Statesman
Much of this newsletter over the past few months has been spent discussing (and will continue to discuss) the range of digital contact tracing solutions being offered up by governments around the world. One element within that debate exists around the idea of a centralized versus decentralized approach. In general, privacy-minded advocates are more supportive of the latter, and companies like Apple and Google have said they would only allow thier technology to work in a decentralized system. However, some countries, like France and the UK, are holding fast to thier centralized approaching, arguing that it would be more effective at containing the virus.
This article, while coming from a privacy-first perspective, does a good job of going into the weeds of the centralized vs. decentralized approaches.
Facebook funds lobbying group meant to take on antitrust
By Xeni Jardin for Boing Boing
Have a great weekend!
Thoughts? I want to know what you think! This newsletter is a living, evolving, work and it is meant to be a helpful resource to keep you informed and engaged with the ways emerging technologies are impacting daily life. Please send all comments, questions, corrections, criticism, and hate (lemme have it) to thestateofsurveillance@gmail.com.
If you found this newsletter beneficial, you can help keep it going by sharing it online or (better yet) telling a friend about it. To help support the newsletter in more tangible ways you can make a donation of any amount to my Venmo account below. Any and all support is greatly appreciated.
Follow the State of Surveillance on Twitter @state_of_spies
Follow me on Twitter @mackdegeurin
Support this newsletter with a Venmo donation to @Mack-DeGeurin