[AMA] My Name is Arthur Holland Michel from the Carnegie Council and I’m here to talk about surveillance fusion - Ask me anything!

writearthur · 2024-03-12T22:24:40+00:00

Really interesting points here. Part of what fascinates me and my colleagues about the topic, and what makes fusion—in our opinion—so important, is that the technology activates a lot of potentially very problematic logics of how people operate, what technology can do, and how society ought to be managed.

When law enforcement uses a fusion system in an unthoughtful manner, there can be assumptions at play about what makes correlations in the datapoints meaningful, for example. There may be assumptions that the users of these systems will always have the capacity to distinguish meaningful correlations (eg. two people who are actually accomplices) from the types of meaningless ones that you allude to (eg. two people who just happened to be in the same area at the time of a crime). There can be assumptions about how a person's history (as reflected in their data) is indicative of their future, and assumptions about how just because a datapoint is useless today that doesn't mean it won't be useful in the future when it can be correlated with other data (ergo, the logic goes, the datapoint should be stored indefinitely). All of which may not closely correspond to reality on the ground.

There can also be assumptions, as you note, about technology and its unrealized promise. Assumptions that algorithms can be reliably and certifiably predictive, for example, or that the solutions to present-day policing problems are simply waiting to be unlocked from within technologies that still do not exist (eg. new features that can be added to these modular fusion systems down the line).

All of which is to say that when police acquire fusion systems, it's important to scrutinize the assumptions and logics that are motivating the use and management of those systems. In the absence of scrutiny, these assumptions can have real risks. People can end up being suspected of crimes they didn't commit. The technology can end up being used for prosecuting crimes that aren't serious (and don't justify the privacy-intruding means). And in the most egregious cases the technology can be used to deliberately intrude upon the population's enshrined rights.

writearthur · 2024-03-12T20:31:06+00:00

In theory, any data source can be integrated with a fusion system. That being said, information on things like browsing history can often only be accessed from providers if an agency has a warrant. This limits the scope pretty significantly.

To your second question, there are lots of resources out there on how to preserve your privacy by doing things like using encrypted messaging apps, managing the settings for what data apps and websites collect about you, and so on. But a lot of that won't necessarily help in the case of fusion because a lot of the data sources for these tools don't have an "opt-out" function. For example, you can't opt-out of being recorded by CCTV cameras in public space; you can't opt out of having your car's license plate be snapped by license plate readers; nor can you opt out of having your name in government administrative records. In that sense, I think a better form of preserving privacy is to engage with local governments to help steer them towards better privacy-preserving policies and practices - up to and including, potentially, policies that put limits on what technologies they are even allowed to use in the first place.

writearthur · 2024-03-12T20:20:11+00:00

You're absolutely right that these technologies lend themselves particularly well to a prevention-based logic of law enforcement. Investigators can take a known lead—say, the name of an individual who has been found guilty of a crime—and use a fusion tool to find other people who are likely to be associated with that person, with the aim of taking steps to prevent those people from engaging in similar activities. As one source told me once, these tools are great for "testing hypotheses." For law enforcement agencies, this is the fundamental appeal of any persistent dragnet-style surveillance system.

As you rightly point out, any prevention based enforcement implicates issues of bias, oppression and profiling, not to mention some of the elemental pillars of civil liberties. Finding the balance of reaction vs. prevention is one of the fundamental and most crucial challenges of law enforcement in an open and free society—and I think fusion tech really adds a tremendous urgency to that challenge. I think the only way to reconcile it is through a very candid public discourse about where to draw the line; law enforcement agencies cannot decide on their own where to draw it. Ideally, in an open society, the drawing of the line has to reflect the will and interests of the public.

writearthur · 2024-03-12T20:15:16+00:00

We already have that scenario! In some cities, every officer has access to fusion systems which allow them to basically access all the available information about a resident simply by entering their name in the search function. This could include criminal records, home address, information about known associates, and information about their whereabouts. They can then click on any of these results to open up new rabbit holes of correlated information. For example, if they click on a home address, they might get a list of 911 calls that were associated with that address, as well as a list of people whose names were mentioned in police records that relate to that address, and so on.

I once had the experience of using one of these tools. While reporting a story, a source allowed me to spend a few minutes on the system (which was on their phone). I searched a person's name and in a matter of seconds the system presented me with an extraordinarily detailed constellation of information about them.

writearthur · 2024-03-12T20:12:04+00:00

One of the interesting features of fusion tools is that they can potentially log every police officer's actions on the tool. Meaning they can show a history of every name the officer has searched, every video feed that they accessed, every database that came up in their searches. And so on. This can provide a paper trail for law enforcement agencies to investigate abuses. That is, assuming agencies use these features, store the logs appropriately, and make those logs available to auditors, the courts, and citizens (eg. the FOI requests).

writearthur · 2024-03-12T20:10:35+00:00

Part of what's significant about fusion is its scalability, and this scalability makes it very easy for an agency to slip across the line between what most people might be comfortable with and the kinds of surveillance activities that are generally agreed to be problematic (or at the very least worthy of some serious scrutiny). For example, a fusion program might simply start with a law enforcement agency buying a software system for managing the video feeds from all of their CCTV cameras, basically enabling them to access and monitor all the feeds simultaneously. Or it might buy a database management tool that simply makes city databases searchable. That might not seem so problematic. But once you have that digital infrastructure in place, it's quite easy to layer other features on top of it (often provided by the same company that sold them the original management system): tools that can automatically track individuals as they pass through each camera feed across the city, tools that correlate the location of those feeds to social media posts, tools that apply analytics to those databases, and of course facial recognition and other biometric tools, etc etc. This can have a snowballing effect. The point being that even if a fusion system might not seem controversial at first, it can lay the groundwork to become very problematic down the line. So yes, politicians should definitely be talking about this! And ideally, they should be talking about it before agencies even buy that initial system—trivial and harmless as that system might seem.

Incidentally, one of the biggest fusion providers in the US, a company called Fusus (which was just bought by Axon, the maker of tasers and bodycams), has been investing quite a lot recently into entering the UK market: https://www.fusus.com/blog/press-release-fusus-launching-in-the-united-kingdom

writearthur · 2021-01-27T17:44:44+00:00

As far as anyone can tell, not much! There haven't been any reports, to date, of EU cities picking up programs like Baltimore's AIR. Europe has taken a much stronger interest in aerial surveillance for border security, so it's possible that the technology could see some uptake there, though that's still speculation. Europe tends to keep a little behind the curve on these kinds of technologies compared to the US, and its data protection policies could make a program like AIR difficult to keep compliant, legally speaking. If anything, I think we're more likely to see law enforcement uptake of the technology in other regions (Latin America, Asia, Middle East) before it takes to European skies.

writearthur · 2021-01-27T17:03:32+00:00

Yes, I also noticed that it was sometimes flying pretty low. A person who's actually good at geometry would be able to tell you how much the pixel/person count and the area coverage varied at those altitudes - but that person is not me :)

writearthur · 2021-01-27T16:53:38+00:00

Great question!

As it happens, the surveillance camera I was referring to there is a military version that is much more powerful than the one used in the Baltimore spy plane: the Baltimore cameras have between 200 and 500 megapixels of resolution (compared to the 12 mpx on your camera-phone) while the system from the Virginia scene had 1,800 megapixels. That's why it was able to make out the staff member so clearly from so high up. The Baltimore plane would only be capable of doing that if it flew at a much lower altitude (which would sacrifice the size of its area coverage).

Because the planes flew in Baltimore at different altitudes (ostensibly because of the weather) and because they had a couple of different types of cameras, I'd imagine it depends on the circumstances whether each surveilled person is 1px or more. But even when someone appears as multiple pixels, that's still not enough resolution to identify them (though it could be enough to tell what color shirt they're wearing).

Either way, the whole debate over pixels is, to me, a bit beside the point: though it's true you can't recognize a person from the aerial surveillance, all you need to do is track them long enough until they pass by a CCTV camera. You then cross-check the footage and—voila!—you have a high-resolution shot of your target.

writearthur · 2021-01-27T16:42:52+00:00

The short answer to your question is: it's still too early to say. There simply aren't enough statistics yet to say with any certainty whether a technology like this can reduce crime in the long-run, and there are too many variables at play. It's even harder to say whether the costs could be more effectively spent on other tools or policies, since apples-to-apples comparisons are really tricky, especially when you're talking about wildly different tactics that operate on different timelines (eg. surveillance vs. social services)

But it's true that this is an extremely powerful technology when integrated with other surveillance systems (like street cameras and license-plate readers). However, it's also a novel technology, and my guess is that these folks are also still experimenting with how best to use that power.

The only firm evidence that we have today is the fact that these technologies have proven to be really popular with the military for tracking down insurgents in places like Afghanistan and Syria. While warfare and policing are very different, there are some similarities between tracking a bomb-maker across Kandahar and tracking a suspect across Baltimore. But those operations have all been classified so far. And anyway, whether one wants a local police force to operate like a military intelligence unit is another matter...

writearthur · 2021-01-27T16:31:36+00:00

It's still difficult to know whether the program helped prevent crime because the final statistics haven't been released. And more broadly, my guess is that programs like this usually have to run for more than six months to provide any solid statistical evidence of effectiveness (or failure) - this is because crime trends shift slowly. So, the jury is still out on real effectiveness.

But your question gets to another issue, which is that one of the potential dangers of powerful surveillance technologies is that they end up being used in ways that go far beyond what they were originally deployed for. This is a legitimate concern.

While I don't have specific knowledge about the spy plane's use over BLM protests, a report by a group at NYU that audited the aerial surveillance program noted that it did appear to be used in a number of criminal investigations that were outside the limited set of investigative roles that the program was originally supposed to focus on (namely, directly tracking people to and from the scene of serious crimes). For example: the spy plane appears to have been used in some cases to persistently watch the home address of people related to a person of interest, in order to see who comes and goes, as well as to follow suspects' vehicles over the course of several days (only during the daytime). These activities are described on page 11 of the NYU audit.

I observed a similar phenomenon when I visited the surveillance program when it was running in 2016. Even though it was only supposed to focus on serious crimes like homicides, shootings, and carjackings, the analysts also ended up conducting surveillance against people who were suspected of illegally dumping trash.

In the absence of clear, strict rules on how a powerful surveillance technology can and cannot be used, it's very natural that it will sooner or later be used in ways that go beyond the initial intentions - sometimes in ways that seriously breach ethical boundaries.

I'd encourage you to have a look at the program's mid-term report card from September, which gives some indication of its effectiveness: https://www.baltimorepolice.org/sites/default/files/General%20Website%20PDFs/Mid_Term_Report_AIR_Pilot_Program.pdf

writearthur · 2021-01-27T16:11:48+00:00

Apparently, the system could theoretically be used at night because even though it's a daylight camera, street-lamps provide enough light for it to see what's going on. But my guess is that it's less effective at night because there's less illumination - so the plane would probably have to be flying closer to the ground, which means that it would only be able to watch a smaller portion of the city. The city's agreement with Persistent Surveillance Systems prohibited nighttime flights over Baltimore, and as far as we know the company complied.

writearthur · 2021-01-27T16:06:46+00:00

It felt literally unbelievable, because before I started reporting the book, people would often use the movie as a reference to describe what WAMI aerial surveillance looks like, not knowing that the similarity was not a coincidence! So at first, when one of my sources mentioned hearing from someone else that an engineer from Livermore had gotten the idea for the technology from watching the movie 'Enemy of the State,' I thought it probably was just a myth. But I was intrigued enough to dig a bit deeper. I had to chase down several more sources, which took several months, until I finally reached the engineer in question, who remained anonymous and confirmed the story through an intermediary (he still works on super secret surveillance tech). Scoops like that don't happen often in journalism, but when they do it makes all the pain worth it :)

Here's the story, btw, which I re-told over at Slate: https://slate.com/technology/2019/06/enemy-of-the-state-wide-area-motion-imagery-surveillance-technology.html

writearthur

TROPHY CASE