Participatory Surveillance – Who’s Been Tracking You Today?

With the internet of things still trying to find its way, I wonder why more folk aren’t talking about participatory surveillance?

For years, websites have been gifting information to third parties that you have visited them (Personal Declarations on Your Behalf – Why Visiting One Website Might Tell Another You Were There), but as more people are instrumenting themselves, the opportunities for mesh network based surveillance are ever more apparent.

Take something like thetrackr, for example. The device itself is a small bluetooth powered device the size of a coin that you attach to your key fob or keep in your wallet:

The TrackR is a Bluetooth device that connects to an app running on your phone. The phone app can monitor the distance between the phone and device by analyzing the power level of the received signal. This link can be used to ring the TrackR device or have the TrackR device ring the phone.

The other essentially part is an app you run permanently on your phone that listens out for the trackr device. Not just yours, but anyone’s. And when it detects one it posts its location to a central server:

[thetrackr] Crowd GPS is an alternative to traditional GPS and revolutionizes the possibilities of what can be tracked. Unlike traditional GPS, Crowd GPS uses the power of the existing cell phones all around us to help locate lost items. The technology works by having the TrackR device broadcast a unique ID over Bluetooth Low Energy when lost. Other users’ phones can detect this wireless signal in the background (without the user being aware). When the signal is detected, the phone records the current GPS location, sends a message to the TrackR server, and the TrackR server will then update the item’s last known location in its database. It’s a way that TrackR is enabling you to automatically keep track of the location of all your items effortlessly.

And if you don’t trust the trackr folk, other alternatives are available. Such as tile:

The Tile app allows you to anonymously enlist the help of our entire community in your search. It works both ways — if you’re running the app in the background and come within range of someone’s lost item, we’ll let the owner know where it is.

This sort of participatory surveillance can be used to track stolen items too, such as cars. The TRACKER mesh network (which I’ve posted about before: Geographical Rights Management, Mesh based Surveillance, Trickle-Down and Over-Reach) uses tracking devices and receivers fitted to vehicles to locate other similarly fitted vehicles as they pass by them:

TRACKER Locate or TRACKER Plant fitted vehicles listen out for the reply codes being sent out by stolen SVR fitted vehicles. When the TRACKER Locate or TRACKER Plant unit passes a stolen vehicle, it picks up its reply code and sends the position to the TRACKER Control Room.

That’s not the only way fitted vehicles can be used to track each other. A more general way is to fit your car with a dashboard camera, then use ANPR (automatic number plate recognition) to identify and track other vehicles on the road. And yes, there is an app for logging anti-social or dangerous driving acts the camera sees, as described in a recent IEEE Spectrum article on The AI dashcam app that wants to rate every driver in the world. It’s called the Nexar app, and as their website proudly describes:

Nexar enables you to use your mobile telephone to record the actions of other drivers, including the license plates, types and models of the cars being recorded, as well as signs and other surrounding road objects. When you open our App and begin driving, video footage will be recorded. …

If you experience a notable traffic incident recorded through your use of the App (such as someone cutting you off or causing an accident), you can alert Nexar that we should review the video capturing the event. We may also utilize auto-detection, including through the use of “machine vision” and “sensor fusion” to identify traffic law violations (such as a car in the middle of an intersection despite a red stop light). Such auto-detected events will appear in your history. Finally, time-lapse images will automatically be uploaded.

Upon learning of a traffic incident (from you directly or through auto-detection of events), we will analyze the video to identify any well-established traffic law violations, such as vehicle accidents. Our analysis will also take into account road conditions, topography and other local factors. If such a violation occurred, it will be used to assign a rating to the license plate number of the responsible driver. You and others using our App who have subsequent contact with that vehicle will be alerted of the rating (but not the nature of the underlying incidents that contributed to the other driver’s rating).

And of course, this is a social thing we can all participate in:

Nexar connects you to a network of dashcams, through which you will start getting real-time warnings to dangers on the road

It’s not creepy though, because they don’t try to relate to number plates to actual people:

Please note that although Nexar will receive, through video from App users, license plate numbers of the observed vehicles, we will not know the recorded drivers’ names or attempt to link license plate numbers to individuals by accessing state motor vehicle records or other means. Nor will we utilize facial recognition software or other technology to identify drivers whose conduct has been recorded.

So that’s all right then…

But be warned:

Auto-detection also includes monitoring of your own driving behavior.

so you’ll be holding yourself to account too…

Folk used to be able to go to large public places and spaces to be anonymous. Now it seems that the more populated the place, the more likely you are to be located, timestamped and identified.

Where’s My Phone…?

Several years ago, I cam across this mocked up Google search that still makes me laugh now…

Google - where are my keys

And a couple of days ago, I realised I’d misplaced my phone. An Android device. An Android device that I have associated with a secondary Google profile I set up specifically to work with my phone (and that is linked in certain respects, such as calendars, with my primary Google ID).

Not being overly trusting of Google, I thought I’d switched off the various location awareness services that Google, and others, keep trying to get me to enable. Which made me feel a little silly – because if I’d put a location tracker on my device I would have been able to check if I had accidentally lost it from pocket in the place I thought. Or erase it if not.


Or perhaps, not oops. I thought I’d do a quick search for “locate Android phone” just anyway, and turned up the so-called Android Device Manager (about, help). Logging in to that service, and lo and behold, there was a map locating the phone… pretty much exactly to the point I’d thought – I’d hoped – I’d misplaced it.


There are also a couple of other device management services – call the phone (to help find it down the side of the sofa, for example), or erase the phone and lock it. A service also exists to display a number to display on the locked phone in case a kindly soul finds it and wants to call you on that number to let you know they have it.


Another example of a loss of sovereignty? And another example of how Google operate enterprise level control over our devices (it’s operating system and deep seated features), albeit giving us some sort of admin privileges too in a vague attempt to persuade us that we’re in control. Which we aren’t, of course. Useful, yes – but disconcerting and concerning too; because I really thought I’d tried to opt out of, and even disable, location revealing service access on that phone. (I know for a fact GPS was disabled – but then, mobile cell triangulation topped up with wifi hotspot location seem to tunnel things down pretty well…)


The Curse of Our Time – Tracking, Tracking Everywhere

You probably can’t help but have noticed (in the EU at least), that website operators seem keen to gain your permission to pop “cookies” into your browser. Cookies are tiny computer files that a website can use to store information about you on your own computer. To prevent nasty people doing nasty things, the security policies operated by your browser try to ensure that only websites that write a cookie can read them back.

Because of the way that web pages are constructed, it might well be that third parties appear to write cookies to your computer when you land on a particular website from that website, but that isn’t the case. Instead, web page publishers allows other sites to write cookies to your browser by including third party scripts in their pages. For example, reading the ITV cookie policy, I notice that they declare that third party advertising services may deploy cookies when you visit the ITV website. In this case, those third parties will almost certainly use the cookie as part of a recipe that records the fact that you went to the ITV website. If the same third party is used by Channel 4, that third party will be able to add information to the cookie it set when you visited the ITV website so that it knows you visited both those sites.

If enough people adopt a particular third party service, that service may be able to pick up quite a good idea about the range of sites you visit. Google’s various ad’n’analytics services in principle allow it to track you across a wide range of sites, because those services are so widely used, though the extent to which Google does or does not fuse data from the cookies associated with those various services may be moot…

One thing I hadn’t realised (or maybe, hadn’t really thought about) before was brought to my attention when something else that was new to me crossed my radar the other day: real time bidding on web adverts, the architecture for which is broadly descibed by Shuai Yuan, Jun Wang, Xiaoxue Zhao in their paper Real-time Bidding for Online Advertising: Measurement and Analysis as follows:

realtime bidding

The model is crudely this: when you visit a web site, the publisher alerts the advertisers that someone has landed on the webpage. Through various cookie machinations, the publisher (and/or the advertiser) may be able to identify you, or certain things about you, from the various cookies on your machine. The advertisers decide what you’re worth and bid to place the advert. The publisher accepts a bid from one of the advertisers and pops the ad into the page you’re visiting. Sort of. (The publisher in this case is more likely to be an ad marketplace/broker, rather than the webpage publisher.)

So that was new to me – realtime bidding. The world’s gone mad. Anyway. As a result of that, I suddenly appreciated the creepy bit in the image above, in step 4: “advertisers choose to buy 3rd party data optionally”. That is, advertisers – in real time – may buy cookie mediated information about people who are in the process of loading a particular web page – in order to work out a bid price for placing an ad within that page to present to that person. Personal advertising, in real time. If data from other (non-web) sources can be added into the mix, perhaps because someone has been uniquely identified, then presumably all the better… for example.

To help create a better picture of the person who is actually opening up a web page, and to piece together all those fractional bits of information that separate web domains can place into your browser through cookies they – and only they – can read and write – “cookie matching” services, such as the cookie matching service run by Google’s DoubleClick Ad Exchange provide a means by which various parties can pool together, or sell between each other, what they know about an individual from the cookies they have independently set on that individual’s webpage. (For a description of one recipe for matching cookies, see SSP to DSP Cookie-Synching Explained.)

I guess I knew this happened anyway (it’s part of the basis for ad retargeting – aka ads that follow you round the web), but I hadn’t realised quite how sharey-sharey, selly-selly and real time it all was.

So we’re being tracked and info about us being sold in real-time as we traipse around the web. But we know that anyway, and we don’t seem to let it bother us.

How about real world tracking, though? Are we as happy being tracked as we walk around in physical space too? It seems so – and the technology appears to be getting so mundane… Through my feeds yesterday I was lead to MFlow Journey, a product of a company not so subtly called Human Recognition Systems, that uses video surveillance to capture and follow “anonymous” faces to track human traffic flows through airports. Human tracking is nothing new of course – your mobile operator can track your phone as easy as peasy can be, and if you have wifi enabled on any of the devices you’re carrying around with you, anyone who cares to can track you too. With the click of a button, apparently (review of a typical Euclid analytics dashboard). (See also: New York Times, Attention, Shoppers: Store Is Tracking Your Cell). Apple seems to be doing it’s bit to make retail centre tracking easier too.

Automatic Number Plate Recognition (ANPR)

So that’s faces and phones… number plates can be trivially tracked too of course. Here’s a recent (January 2013) ACPO report on The police use of Automatic Number Plate Recognition (the vignettes at the start of the report are illustrative of just what the millions of rows of data in the database allow you to pick out about a particular individual; other operational examples are described in this IPPC Independent Investigation into the use of ANPR in Durham, Cleveland and North Yorkshire from 23 – 26 October 2009 (summarising press release); see also the ACPO 2009 Practice Advice on the management and Use of Automatic Number Plate Recognition, the National ACPO ANPR Standards (NAAS) v.4.12 Nov 2011 and this Memorandum of Understanding to Support Access to ANPR Data, v.2 Feb 2011. A recent bollocking from the ICO (Police use of ‘Ring of Steel’ is disproportionate and must be reviewed) suggests that popping ANPR cameras on all roads in and out of a town is just not on, but I guess this is limited to police deployed cameras, and doesn’t necessarily address mosaic pictures that you can build up from piecing together ANPR hits wherever you can pick them up from…

…because as well as ANPR systems operated by the police, ANPR is widely used by private companies (though I’m not sure about the extent to which they do, or may be obliged to, share their logs or data collection facilities with the police?) For an idea of what sorts of ANPR “solutions” are available, here’s a list of approved car parking operators with some handy metadata that shows whether they use ANPR or not.

Camera surveillance is just not limited to ANPR systems of course, as any precinct bench loitering yoofs will be able to tell you. Just what is and isn’t deemed acceptable generally is described by the recent (August 2013) surveillance camera code of practice (press release).

Hey ho – it’s got me wondering now what other pieces of the panopticon are already in place?

See also: The Loss of Obscurity – A Round-Up of Recent Reports Relating to Privacy and Personal Consumer Data