Mr Devlin,
It is now nearly a full month since I submitted the below questions for Assistant Chief Constable Drew Harris of the PSNI. A PDF copy is also attached to refresh your memory.
Elected officials within the European institutions are making noises concerning citizens' privacy that, while related more to corporate abuse of personal data, would seem to apply equally - if not moreso - to a massive Internet and real-world surveillance and data-acquisition system for law enforcement and intelligence services use.
In response to my earlier request for an update on the expected time at which answers would be forthcoming, you talked of the distribution of these questions to others; you did not respond to my followup query as to who these questions were distributed to, nor to my concern about who outside the EU may be involved in Project INDECT work.
I am sure you are, by now, aware of the earlier report I published in October [1], and the German translation [2]. I have, since initially submitting my questions, been brought up to speed on developments at the University of Wuppertal by investigative journalists with Germany's public broadcaster. This included pointing me at the coverage published by Telepolis [3], [4], [5], [6].
In addition to this, I have several academics, albeit reluctant to go on the record, who are quite clear on the point that, any respectable university involving themselves in INDECT research, with a senior police officer as head of the Ethics Board, is in breach of the near-universally accepted ethical review standards relating to academic research without subject consent or where a possible breach of privacy has taken place. I have received photographic evidence of such breaches in progress; namely, Polish researchers installing computerised data-acquisition devices in an apparently normal GATSO speed camera.
I have sufficient information from the below links, other published reports subsequent to Wikinews', my own deep-web research into involved researchers' university web presences, and comments on the dubious legality of the proposed system, to produce a fairly damning article. This is unreasonable without a right to reply, the attached questions were intended as such.
It would be most reassuring to know if you actually intend to provide honest, non-evasive, answers to my questions in short order (i.e. before Friday coming). Or, that such will not be provided and I should go ahead, publish, and provide full copies of my notes to the German public broadcaster. On the latter point, it is simply a matter of time until they collate the same information as I have and reach similar conclusions.
[1] http://enwn.net/0718 [2] http://enwn.net/3F261 [3] http://www.heise.de/tp/r4/artikel/31/31176/1.html [4] http://www.heise.de/tp/r4/artikel/31/31425/1.html [5] http://www.heise.de/tp/r4/artikel/31/31802/1.html [6] http://www.heise.de/tp/r4/artikel/31/31855/1.html
On Fri, 2010-01-08 at 00:53 +0000, Brian McNeil wrote:
On Mon, 2010-01-04 at 13:58 +0000, ken.devlin@psni.pnn.police.uk wrote:
Brian,
If you send me your questions, I'll do my best to ensure they are answered.
Ken, my questions for Assistant Chief Constable Drew Harris are below.
I would really appreciate if you can indicate some sort of timeframe within which I can expect answers.
* What are the responsibilities of the Project INDECT ethics board? * How does the ethics board reach decisions on what research to proceed with? * Who are the members of the Project INDECT ethics board, and who selected them? * What are the academic requirements of the ethics board? * What progress has there been on the project in recent months? * What are the kinds of situations where an alert or alarm might be triggered? And who would set those kinds of parameters? * Are you concerned that at least one European University has been petitioned by their student association to refuse to cooperate in any Project INDECT research? * What are the measures you'll be using to determine the success of the large-scale trial planned for the Euro 2012 football tournament? * How would you detect someone misusing access to INDECT data? * If fully implemented in Northern Ireland, approximately how many CCTV and speed cameras would be connected to the system? * Would the records on email and web browsing habits that UK ISPs are required to keep be included in the INDECT database? * Would it be possible for private businesses to make website activity or CCTV feeds available to INDECT? * Would you support private companies watermarking, or otherwise flagging, content to ease monitoring its reuse on the Internet? * Which non-public databases from police and security services would be added to INDECT to complement more public information? * Would you expect implementation of INDECT to improve collection of evidence leading to prosecutions? * Would data normally requiring a warrant or court order be held in INDECT? Would such be usable in a prosecution without an equivalent legal process to deem such evidence admissible? * Is the data collection required for INDECT not in violation of the privacy clauses contained within the European Convention on Human Rights? * Would implementation of an EU-wide version of INDECT with Europe-wide data sharing require UK parliamentary legislation? * Would actively seeking to keep browsing habits private, using tools such as The Onion Router (TOR) developed by the US Navy, be reason to flag someone for further investigation?
Depending on the answers, I may have a short followup with an additional two or three questions.