Interesting People mailing list archives
IP: Follow-up to UK scanning PCs for Net porn
From: Dave Farber <farber () cis upenn edu>
Date: Tue, 25 Aug 1998 18:58:28 -0400
My personal advice is to remove all confidential corporate information and personal information prior to arriving in the UK . A 32 meg flash chip holds a lot and is easily pocketed. As to the confidentiality of the info they scan, I know a bridge for sale. Dave : Tue, 25 Aug 1998 18:44:19 -0400 From: "K. N. Cukier" <100736.3602 () compuserve com> Subject: Follow-up to UK scanning PCs for Net porn Sender: "K. N. Cukier" <100736.3602 () compuserve com> To: "farber () cis upenn edu" <farber () cis upenn edu> Dave, Here's a quick update on the issue of UK customs scanning PCs for Internet porn, which you sent to the IP list two weeks ago. It wraps up some of the new information that has been uncovered. Cheers, Kenn ______________ I. Many newspapers did stories on the incident, and were able to get comments from Her Majesty's Customs and Excise office (as well as compelled it to release a statement on their practices). The office confirmed the policy, but refused to explain how the scans are technically carried out, since that could compromise the effectiveness. However, contradictions emerge in the customs office's comments published in news reports and their own media statement: 1. Are travelers randomly searched, or only if they fit a profile or customs is tipped off in advance?: * "All travelers entering the country should be prepared to have their equipment scanned." spokesman at UK Customs and Excise office. (The Daily Telegraph) * "If we have had some intelligence in advance that suggests the owner of a computer may be carrying suspicious material, that's when we are likely to want to search a computer. ... But on a day-to-day basis we will not check computers." UK customs spokesperson. (Press Association, UK) * "We're targeting people who fit particular profiles." UK customs official. (BBC Online) * "According to a Customs spokesperson, seizures are a regular occurrence although 'we don't do things randomly. We work on intelligence received,' she claimed." (VNU) 2. Do the scans happen systematically or rarely?: * "Just as Customs regularly intercept and examine baggage, items of mail, courier despatched material, and consignments of freight which might contain indecent or obscene material or other prohibited items we also examine the content of computer files." (HM Customs & Excise office) * "We do not search computers as a matter of policy... usually only if we think there is some reason to." UK customs spokesperson. (Press Association, UK) * "There's a variety of software we can use and we've been using CD-Rom readers for some time to check disks for pornography." UK customs spokesperson. (BBC Online) 3. Have the border searches yielded illegal pornographic material?: * "But we're daily seizing images from pedophiles." Mark Thompson, British Customs and Excise office. (The New York Times) [NOTE: It is not clear if it refers to electrically-stored images, or hard copies--KNC.] * "The spokesman said a number of paedophiles who had downloaded images from the Internet and stored them on their hard disk had been apprehended through Customs work. But he could not cite any cases of this happening at border inspections. He said discoveries were made mainly by intercepting mail." (BBC Online) [NOTE: is it not clear if it refers to e-mail or the post--KNC.] * "Officers may examine laptop computers because experience has shown that these are being used to smuggle appalling paedophile images. (HM Customs & Excise office) 4. The admissibility of evidence and protections of privacy are unclear: * "Still, the scanning technology promises to exact a penalty from some computer users who get snagged by it: Customs officials may confiscate a computer containing pornographic images. "We would probably put forward a legal case to retain the computer," Thompson said." (New York Times) * "So far as we are concerned, there is little difference between an encrypted file and a locked suitcase." UK customs spokesman. People refusing to open encrypted text will be subject to a court order; the penalty for refusing the order is contempt of court, which can result in imprisonment. (Daily Telegraph) * Travelers need not be concerned about the privacy of business or personal documents, the spokeswoman said, because the service "has a duty of confidentiality. The information goes no further". (VNU Newswire) * "These "scans" are done in the presence of the passenger. ... [T]echnical staff are available to assist where necessary." (HM Customs & Excise office) Sources: * BBC Online August 13, 1998; by Chris Nuttall. <http://news.bbc.co.uk/hi/english/sci/tech/newsid_150000/150465.stm> * The Daily Telegraph, 20 Aug 1998; by Simon Davies. <http://www.telegraph.co.uk> * HM Customs & Excise office (public statement), August 1998 <http://www.open.gov.uk/customs/discscan.htm> * The New York Times, 15 August 1998; by Peter Wayner. <http://www.nytimes.com/library/tech/98/08/cyber/articles/15border.html> * Press Association, UK, 17 August 1998; by Giles Turnbull. <http://www2.crosswinds.net/london/~gilest/cukier.html> * VNU Newswire, August 1998; by Graham Lea. VNU Business Publications Ltd. London UK. II. New questions remain unanswered: * What if Customs accidentally unleash a computer virus on a traveler's machine during a search? Can the traveler sue for damages? * If a traveler refused to submit to a PC scan search, is the person simply not allowed to enter the country, or could the UK authorities demand a search of computer files nevertheless? * How does the scan work? "Her Majesty's Customs and Excise Press Office [said in an interview with Bentley] their scanning involves booting from a "one-time" floppy which does the scanning and which they then discard. ... [I]f there is nothing inserted into the scanned notebook but a single floppy, then their scope for copying data off the notebook is very limited." (Source: Pete Bentley <pete () sorted org>, correspondence with KNC; posted in different form on "ukcrypto" mailing list.) III. As for the IP posting itself, it has had an interesting lifespan, and serves as a terrific example of the Internet's power to inform and contribute to setting the political agenda. The IP post's diaspora was fast and broad, much aided by Declan McCullagh's popular Politech list. Within hours, my mailbox was teeming with messages from people extending their support, and sharing their indignation. One FCC official called the incident "amazing"; a vice president at a large US backbone ISP likened it to Monty Python; a world-renowned cryptographer commiserated on the excesses of government snooping.... Britain's newspaper The Independent "reprinted" the essay (17 August 1998), citing the original "publication" as the IP list, in what may be the first time the traditional media has shovelwared online media...! Many newspapers and online media sites reported the incident. And the IP post has even been translated into Spanish <http://www.zonezero.com/magazine/articles/kcukier/searched.html> . IV. In Richard Solomon's message, which you posted over the weekend, he argued: "this is a pure excuse for industrial espionage." I disagree with Richard, actually, though respectfully defer to him as an expert in his field. I think there is a great and real danger that scanning laptops could *become* a smokescreen for industrial espionage, but I suspect the reason UK customs authorities peruse this policy today has less to do with nefarious interests and more to do with stupidity. The e-mail of Vin McLellan of The Privacy Guild, on how executive's laptops have been targeted in the past, is unsettling. Clearly, the UK will be forced to re-examine its policy as soon as they demand a scan not of a harried reporter's computer, but of a senior French executive, who says those immortal, firecracker words: "Please call my embassy before you proceed." (Actually, I giggle when I think of what British business executives would do if China had a similar customs scanning policy under the pretext of Internet porn!) For policy makers, they see the matter in the same perspective as classic paper-bound regulations: And if you've implemented a bad policy, you can change it. What policy makers don't understand -- but the geeks do -- is that in terms of technology, there's a far larger burden: Once you've deployed the infrastructure for this sort of thing, it's extremely difficult to turn back. The message: Don't build short-sighted, silly policy into the infrastructure. Do we really want a world where our private thoughts -- as expressed by the Web sites we visit, our e-mail records, our date book and address book -- can be readily submitted to a scanner, under whatever pretext, whenever we cross a border? Hey, maybe we do -- but if that's the case, I'm certain we ought have a transparent and frank public policy debate on the effectiveness versus the potential social consequences of such as policy, not fiat that question to a lone customs guard at Checkpoint Doom. V. While the experience underscored the fragility of privacy and ease of government surveillance in the digital age, I also believe it demonstrates why our society is healthy and the political-governing process works quite well. I have been able to speak out publicly about the incident without fear of either France or the UK government requesting my address from my ISP to arrest me. Days after the incident, I was in Kuala Lumpur talking with an official at MIMOS, Malaysia's government-backed networking center, which revealed the identities of three Internet users to the Mahathir government who arrested them for "rumor mongering" over e-mail. By comparison, I feel I was treated as if a member of the Royal Family. Of course, it is precisely because I believe these freedoms are worth protecting that I raise questions about the UK policy. VI. British (pundit) sentiment is divided on the matter. A couple of days after my experience at Waterloo station, ironically, the director of the British Board of Film Classification, James Ferman, who oversees and censors UK films, announced his retirement and spoke to the press about Britain's pornography policy. Ferman is quoted as saying: * "As we enter a new millennium, we must find a solution to the problem of pornography, which will not go away. The law has been applied by police and magistrates in too strict a manner to allow the material the customers want." (The Independent, 16 August 1998). * "A little of what people want is OK as long as it's on the harmless end of the spectrum." (Sunday Times, 16 August 1998). * "We are left with a flourishing black market which mixes pornography with obscenity." (The Independent, 16 August 1998). The Sunday papers: * "[T]he scale of the Net is such that any attempt by British police to pursue produces and consumers of hard pornography would be futile. [...] Thanks to technology and the market, the hard and the obscene are here to stay." (Bryan Appleyard in the Sunday Times, 16 August 1998, speaking out *against* pornography in society.) * "[T]he Internet and satellite television in the 1990s ... have also by-passed almost every legal obstacle, avoiding any form of import control...." (Tobias Jones, in The Independent, 16 August 1998). VII. Since the essay, many people have sent me information on Britain's customs laws: * "Section 42 of the Customs and Consolidation Act 1876 prohibits the importation into the UK of indecent or obscene prints, paintings, photographs, books, lithographic cards or other engravings, or any other indecent or obscene articles. ... Following Derrick v. Commissioners of Customs and Excise it is clear that any kind of computer disk will be covered by the Act. But as far as the electronic transmission of computer data is concerned, HM Customs and Excise stated to the Home Affairs Committee that: 'Computer pornography transmitted into this country from overseas via telephone lines, etc., is not within the scope of the import prohibition since such transmission does not constitute an importation of goods or articles'." (Source: Akdeniz, Yaman <lawya () leeds ac uk>, "Computer Pornography: A Comparative Study of the US and UK Obscenity Laws and Child Pornography Laws in Relation to the Internet," [1996] International Review of Law, Computers and Technology 10 (2), 235-261.) * Customs and Excise Management Act 1979; section 14 (1): "without prejudice to any other provision of the Customs and Excise Act 1979, where anything has become liable to forfeiture under the Customs and Excise Acts: (a) any ship, aircraft, vehicle, animal, container, (including any article of passengers' baggage) or any thing whatsoever which has been used for the carriage, handling, deposit or concealment of the thing so liable to concealment, either at a time when it was so liable or for the purposes for the commission of the offence for which it later became so liable, and (b) any other thing mixed, packed or found with the thing so liable to forfeiture shall also be liable to forfeiture." (Source: Law Report, The Independent, 4 Nov. 1997 by Kate O'Hanlon, Barrister. Sent to me by A.R. in Brussels.) VIII. Two things I would have done differently had I known that the message would get the attention it did: Re-read it before sending it (after writing it at 3am, atop a 15 hour fight!) to correct all the spelling errors. Also, chastise one last group that sort of gets off scot-free: The complicity of politicians who incite, then exploit, citizens' fears of new technology to curry electoral favor by masquerading as tough on Net porn. Thanks for passing this (verbose screed) along to the list, Kenn
Current thread:
- IP: Follow-up to UK scanning PCs for Net porn Dave Farber (Aug 25)