With pride, he sees his company’s algorithms helping drive internet surveillance to perfection. “There are many different demands – early warning, policy support, competitive spying between government departments. In the end, this will create a whole industry.”

If this represents a shift, however, from targeting individual trouble makers to attempting to read and predict shifts in overall public opinion, I’m not sure how this is a step backward. Although the article is painfully short on details, a quick look at the company’s own web site suggests the technology, called InfoRadar, is much like that offered by Umbria, the social media analysis division of J.D. Power and Associates.

Photo, ID required in Beijing Internet cafes

When Zhang Lihong entered Suosi Internet cafe in Xicheng District, Beijing Oct. 16, she noticed something new on the counter- a machine with a digital camera and scanner.

“Please have your photo taken, and your ID card scanned here,” the clerk stood up and said.

Zhang was confused and wanted to know why she had to do this. The clerk explained that authorities are trying to crack down on Internet misuse in the city.

The 24-year-old’s photo and a copy of her resident identity card were sent to the Municipal Law Enforcement Agency of Beijing and placed in a file.

Zhang was then given a four-digit password, escorted to a computer, and told to enter her information on an interface to activate the computer.

“You don’t need to go through the same process again when you visit Internet cafes like us,” the clerk explained. “By providing your ID number, you can check in after we verify your filed information.”

Zhang smiled as she started to surf the Internet.

“This is a reasonable measure. You spend two minutes and you can enjoy a healthier virtual world,” she said. “Today, there are many hackers, net rumors being spread around and people sending erotic content. Now that users have their images taken, they dare not do bad things.”

A spokeswoman from the Municipal Law Enforcement Agency of Beijing said 1,500 Internet cafes in 14 districts and counties of the city have the same device. It is called the Beijing Internet Cafe Customer Registration Device.

“By the middle of December, Internet cafes in another four districts and counties of Beijing will receive these devices,” said the spokeswoman who wanted to remain anonymous.

“The new device annoyed me a lot at first,” said Li Yunfei, the manager of Suosi Internet Cafe. “80% of my customers just went away when they saw the device. My cafe was like an empty classroom.”

After a month, people become used to it, however, and Li’s turnover recovered.

“After all, I need to use it, or I will be fined and will lose my reputation,” Li said.

Jia Fei, the manager of Hailetong Internet Cafe, a chain with more than 500 computers, believes the new system makes his work more efficient.

“Now I can easily track the exact online time of my customers and when they switch to other computers,” Jia said. “If someone commits Internet crimes, I can help the police to pin him.”

Ma Zhengnan expressed relief when she heard about the new devices outside an Internet cafe near her 18-year-old son’s high school.

“This can keep students away from indulging in computer games,” Ma said.

However, some netizens dislike the law enforcement initiative.

“I will not go to Internet cafes any more,” said Li Weiwei. “Who knows if my personal information is being exposed to people with bad motives.”

(Xinhua News Agency October 17, 2008)

Will governments be able to subpoena server log data after it is anonymized? Will anonymized data still be able to identify an individual user by cookie or IP address? Google does comply with valid legal process, such as search warrants, court orders, or subpoenas seeking personal information. Logs anonymization does not guarantee that the government will not be able to identify a specific computer or user, but it does add another layer of privacy protection to our users’ data.

Will this policy change make it more difficult for law enforcement to prevent and detect crime or child exploitation? No, current laws allow the government to request that companies preserve user data. We regularly comply with such laws.

What happens to the logs at the end of the expiration date? Are they deleted? At the end of the expiration date we will still keep server logs but they will be anonymized.

At the time, the process of anonymization involved deleting the first four digits of the IP address and altering associated individual cookie data in an unspecified way. With the new 9 month policy, Google states that it might do something different. The only thing that this policy means is that your search logs data older than nine months will not be used for services like “automatic search correction,” which corrects typos on the fly based on your prior search patterns, or to serve you ads. It does not mean that your personal search behavior older than 9 months won’t be accessible to state policing organizations.

Instead of joining the Tor network directly, thereby revealing your intention, you first connect to a computer set up by your friends or colleagues, who then introduce you to the Tor network (a “virtual bridge”, they call it). Because the Chinese cannot know in advance who these friends of yours will be (technically speaking, their IP address), they cannot pre-empt by blacklisting. Once you do connect through the bridge to the Tor network, it is almost impossible for surveillance agencies to know that you are using Tor.

… the Party found itself increasingly in a reactive posture, unable to push its own messages. This problem was compounded by more than a decade of commercial media reforms, which had driven a gap of credibility and influence between commercial Web sites and metropolitan media on the one hand, and old party mouthpieces on the other.
….

China’s Culture Ministry now regularly holds training sessions for Web commentators, who are required to pass an exam before being issued with job certification. A Chinese investigative report for an influential commercial magazine, suppressed by authorities late last year but obtained by this writer, describes in some detail a September 2007 training session held at the Central Academy of Administration in Beijing, at which talks covered such topics as “Guidance of Public Opinion Problems on the Internet” and “Crisis Management for Web Communications.”

It is worth noting that this practice is hardly unique to China. Just a few months ago, the New York Times published a story (April 20) about the Pentagon’s use of “message force multipliers” to make sure that its preferred take on the Iraq War dominated the television airwaves.

Hidden behind that appearance of objectivity, though, is a Pentagon information apparatus that has used those analysts in a campaign to generate favorable news coverage of the administration’s wartime performance, an examination by The New York Times has found.

The effort, which began with the buildup to the Iraq war and continues to this day, has sought to exploit ideological and military allegiances, and also a powerful financial dynamic: Most of the analysts have ties to military contractors vested in the very war policies they are asked to assess on air.

It’s safe to say that the analysts deployed by the Pentagon are making more than fifty cents per message.

More details:

INTERNATIONAL RED CROSS

WORLD VISION

U.S. TAX DEDUCTABLE TO CHINESE RED CROSS

IN CHINA/IN CHINESE

Microsoft device helps police pluck evidence from cyberscene of crime
By Benjamin J. Romano
Seattle Times technology reporter

Microsoft has developed a small plug-in device that investigators can use to quickly extract forensic data from computers that may have been used in crimes.

The COFEE, which stands for Computer Online Forensic Evidence Extractor, is a USB “thumb drive” that was quietly distributed to a handful of law-enforcement agencies last June. Microsoft General Counsel Brad Smith described its use to the 350 law-enforcement experts attending a company conference Monday.

The device contains 150 commands that can dramatically cut the time it takes to gather digital evidence, which is becoming more important in real-world crime, as well as cybercrime. It can decrypt passwords and analyze a computer’s Internet activity, as well as data stored in the computer.

It also eliminates the need to seize a computer itself, which typically involves disconnecting from a network, turning off the power and potentially losing data. Instead, the investigator can scan for evidence on site.

More than 2,000 officers in 15 countries, including Poland, the Philippines, Germany, New Zealand and the United States, are using the device, which Microsoft provides free.

“These are things that we invest substantial resources in, but not from the perspective of selling to make money,” Smith said in an interview. “We’re doing this to help ensure that the Internet stays safe.”

Law-enforcement officials from agencies in 35 countries are in Redmond this week to talk about how technology can help fight crime. Microsoft held a similar event in 2006. Discussions there led to the creation of COFEE.

Smith compared the Internet of today to London and other Industrial Revolution cities in the early 1800s. As people flocked from small communities where everyone knew each other, an anonymity emerged in the cities and a rise in crime followed.

The social aspects of Web 2.0 are like “new digital cities,” Smith said. Publishers, interested in creating huge audiences to sell advertising, let people participate anonymously.

That’s allowing “criminals to infiltrate the community, become part of the conversation and persuade people to part with personal information,” Smith said.

Children are particularly at risk to anonymous predators or those with false identities. “Criminals seek to win a child’s confidence in cyberspace and meet in real space,” Smith cautioned.

Expertise and technology like COFEE are needed to investigate cybercrime, and, increasingly, real-world crimes.

“So many of our crimes today, just as our lives, involve the Internet and other digital evidence,” said Lisa Johnson, who heads the Special Assault Unit in the King County Prosecuting Attorney’s Office.

A suspect’s online activities can corroborate a crime or dispel an alibi, she said.

The 35 individual law-enforcement agencies in King County, for example, don’t have the resources to investigate the explosion of digital evidence they seize, said Johnson, who attended the conference.

“They might even choose not to seize it because they don’t know what to do with it,” she said. “… We’ve kind of equated it to asking specific law-enforcement agencies to do their own DNA analysis. You can’t possibly do that.”

Johnson said the prosecutor’s office, the Washington Attorney General’s Office and Microsoft are working on a proposal to the Legislature to fund computer forensic crime labs.

Microsoft also got credit for other public-private partnerships around law enforcement.

Jean-Michel Louboutin, Interpol’s executive director of police services, said only 10 of 50 African countries have dedicated cybercrime investigative units.

“The digital divide is no exaggeration,” he told the conference. “Even in countries with dedicated cybercrime units, expertise is often too scarce.”

He credited Microsoft for helping Interpol develop training materials and international databases used to prevent child abuse.

Smith acknowledged Microsoft’s efforts are not purely altruistic. It benefits from selling collaboration software and other technology to law-enforcement agencies, just like everybody else, he said.

Benjamin J. Romano: 206-464-2149 or bromano@seattletimes.com

Copyright © 2008 The Seattle Times Company

From January 2005 to September 2007, Verizon provided data to federal authorities “on an emergency basis” 720 times. The records included Internet protocol addresses as well as phone data. In that period, Verizon turned over information a total of 94,000 times to federal authorities armed with a subpoena or court order. The information was mainly used for a range of criminal investigations including counter-terrorism investigations (The Washington Post, October 16, 2007).

In August 2007, the United States’ National Intelligence Director Mike McConnell revealed that fewer than 100 people inside the United States are monitored under the Foreign Intelligence Surveillance Act (FISA) warrants. However, he said, thousands of people overseas are monitored (The Associated Press, August 23, 2007). The FBI is embarking on a 1 billion U.S. dollars effort to build the world’s largest computer database of peoples’ physical characteristics, called Next Generation Identification, a project that would give the government unprecedented abilities to identify individuals in the United States and abroad. The increasing use of biometrics for identification is raising questions about the ability of Americans to avoid unwanted scrutiny (FBI Prepares Vast Database Of Biometrics, The Washington Post, December 22, 2007).

Statistics show that the government’s illegal dragnet electronic surveillance has put sensitive personal information from millions of people at risk. 477 breaches into government databases were found in 2006 alone. More than 162 million records were reported lost or stolen in 2007, triple the 49.7 million that went missing in 2006 (USA Today website, December 10, 2007). In July 2007, the Homeland Security Department granted more than 4 million U.S. dollars to install 175 video cameras on the streets of cities including St. Paul, Madison (Wisconsin State) and Pittsburgh. The Boston Globe estimated that up to hundreds of millions of dollars were being spent by the department to install new surveillance systems around the country, accelerating the rise of a “surveillance society” (The Boston Globe, August 12, 2007).

It is worth noting that these kinds of initiatives are not unique to Chinese politics. Last fall, Donald Kerr, the principal deputy director of U.S. national intelligence, stated that no American should expect to speak or act today without casting a data shadow that is visible to the federal government. Last week, Kentucky lawmaker Tim Couch submitted a bill that would “would require anyone who contributes to a website to register their real name, address and e-mail address with that site.”

Although the current Beijing government initiative focuses only on net cafe users and not people going online from work or home, there is a long history of failed state government attempts to have customers of net cafes register their real names. With the Olympics fast approaching, the stakes may be a bit different. This bears watching.

Update: the original story, in Chinese, is at CE.CN (China Economics Network), dated March 11.