And yet, strangely, I have no desire to move to Greece.
posted by found missing at 4:14 PM on January 1, 2008 [1 favorite]

I just saw Red Road, about a woman who monitors the cameras that watch Scots pee (if they're peeing in public). I know it's fiction, but is the level of surveillance depicted in the film even close to being accurate?
posted by goatdog at 4:17 PM on January 1, 2008

Eponysterical?
posted by 0xFCAF at 4:22 PM on January 1, 2008

I see their upholding their own commitment to privacy by making their charts from tiny, impossible to read fonts.
posted by delmoi at 4:27 PM on January 1, 2008 [1 favorite]

You need to download the pdf, delmoi.
posted by puke & cry at 4:32 PM on January 1, 2008

I think what people need to understand is that computer technology greatly reduces the cost of surveillance, and therefore, people are going to spend the same amount of money on surveillance that they did before, and do more. One thing privacy activists could concentrate on is not only trying to ban surveillance, but making it more costly as well.

One way to do that would be to use https with every website you make, for example.
posted by delmoi at 4:32 PM on January 1, 2008

The UK was rated the worst in the EU. But there's some hope.

However for the first time Scotland has been given its own ranking score and performed significantly better than England & Wales.
posted by MrMerlot at 4:40 PM on January 1, 2008

While other Brits enjoy taking advantage of their neighbourhood CCTV cameras
posted by MrMerlot at 4:47 PM on January 1, 2008

One way to do that would be to use https with every website you make, for example.

Well, an SSL cert from Verisign (for instance) costs 400 bucks a year, which is more than a lot of people's hosting costs. I doubt this will happen, although I'd love to see it come into greater practice. You could, of course, use self-signed certs. Then again, if I get an untrusted cert security warning when I hit a website, I close that shit down.
posted by synaesthetichaze at 4:50 PM on January 1, 2008

And yet, strangely, I have no desire to move to Greece.

I would love to move to Greece.

Also, I'm guessing that the countries in grey have insufficient data or something, which disappoints me, because I basically just wanted to see how Korea ranked.
posted by stavrosthewonderchicken at 4:50 PM on January 1, 2008

Well, an SSL cert from Verisign (for instance) costs 400 bucks a year,

If your users are willing to use a certificate that isn't signed by an authority, they can still have an https connection. Barring that, there are now functinoal certs you can get for well under $50. They're nothing special, but they encrypt the data. Pretty much every website I develop from now on is going to have a cert -- not because I'm paranoid about privacy, but security -- they all have login, and I want login over https if possible.
posted by Deathalicious at 4:56 PM on January 1, 2008

Most users *aren't* willing to use a non-CA-signed cert, though, if they don't already trust the site in question. Myself included. Now, if it's an already-established community with the trust already there for the members, then it wouldn't matter so much.
posted by synaesthetichaze at 5:02 PM on January 1, 2008

Well, an SSL cert from Verisign (for instance) costs 400 bucks a year, which is more than a lot of people's hosting costs.

You don't need a cert to do SSL.
posted by delmoi at 6:47 PM on January 1, 2008

Most users *aren't* willing to use a non-CA-signed cert, though, if they don't already trust the site in question. Myself included.

Huh? Why not? You would rather have your communications unencrypted then use a non-CA signed cert? That makes no sense whatsoever.

If you use a non-CA signed cert, the user gets a dialog stating as much, other then that, nothing. It's still better then an unencrypted connection. And certification doesn't do you any good anyway, unless you actively check to make sure certs match.

I have an https area on my personal website, and I signed the certificate myself. It works perfectly.

If you'd rather have an unencrypted connection then use an unsigned certificate, you're probably a retard who doesn't deserve any privacy anyway.
posted by delmoi at 6:54 PM on January 1, 2008

(and by the way I trust "snakeoil" about as much as I do verisign)
posted by delmoi at 7:03 PM on January 1, 2008

I'm surprised that the US and the UK have the same rating. My impression of the UK is that they're much further along in surveilling their citizens. "Safe beneath the watchful eye," ubiquitous speedcams, and all that.
posted by ZenMasterThis at 7:22 PM on January 1, 2008

Giving the UK the same ID card rating (1, the lowest) as countries which actually have ID cards seems a mite unfair (the UK doesn't, but there are plans to in a few years' time, which may or may not actually happen).

Similarly, giving a 1 for constitutional protection is somewhat odd when a 2 is given for statutory protection. Since the UK doesn't have a codified constitution, all laws governing privacy would come under the statutory category — so how are they judging the constitutional category? Surely a '-' would be more appropriate.
posted by Burger-Eating Invasion Monkey at 7:46 PM on January 1, 2008

The U.S. was ranked worst in 9 of 13 catorgories in the report. Recommend all immigrants applying for visa's, and foreigners applying for citizenship, be given a copy to insure they know what they are getting themselves into. More than likely, they will change their mind and also donate to the organization that opened their eyes.

I see this as good thing. Because with less people in the country, our government can spent more resouces keeping the citizens here already under constant surveilence.
posted by brickman at 7:59 PM on January 1, 2008

True on the cameras, Zenburgerthis, but I suspect the UK isn't anywhere near as far along the road of phone-tapping and electronic eavesdropping as is the US.
posted by pompomtom at 8:05 PM on January 1, 2008

For instance, although telephone-tapping is legal for British police (given a warrant), it is not allowed to be used as evidence in a court case.
posted by Burger-Eating Invasion Monkey at 8:09 PM on January 1, 2008

If you zoom way, way down all the way into the U.S., that green speck is my house. Y'all keep out of my house.
posted by mr. creosote at 10:56 PM on January 1, 2008

Similarly, giving a 1 for constitutional protection is somewhat odd when a 2 is given for statutory protection. Since the UK doesn't have a codified constitution, all laws governing privacy would come under the statutory category — so how are they judging the constitutional category? Surely a '-' would be more appropriate.

While not having a written constitution, the UK does have a significant body of constitutional law. Statutory law are a large part of this but there's also constitutional conventions to take into account.
posted by biffa at 2:40 AM on January 2, 2008

I think David Brinn had it right in The Transparent Society, or at least partially right. As survelience equipment gets smaller and less expensive it becomes inevitable that governments and private groups will begin engaging in large scale survelience. Laws against it will only push it underground. So open the cameras and turn them around.

If there's a cam paid for by the government then I bloody well expect to be able to see through it, after all I paid for the damn thing. And there need to be cameras in the places where government agents monitor the cameras. If they want to monitor us, then we get to monitor them. They say "if we watch you it'll prevent crime", and I say "so if we want to prevent you from abusing your position we should watch you, right?"

Who will watch the watchers? All of us.
posted by sotonohito at 6:43 AM on January 2, 2008

sotonohito: In the UK, under the 1998 Data Protection Act you're entitled to any document (national security aside) that includes data on you, this includes any CCTV that features your image (though I think they have to blur out images of other people before providing it to you).
posted by biffa at 7:42 AM on January 2, 2008

biffa Not good enough. We need to be able to hop online and get streaming video from any government camera. After all, we [1] paid for them. How's the traffic look at 1st and whatever? Is Bob waiting for me at the shop, or is he running late too? For that matter, with a good wifi connection and a really feature rich phone: is there a thug lurking around the corner, or is it safe to walk on?

We also need cameras in every monitoring room broadcasting a constant stream of what the watchers are doing. Are they engaging in racial profiling? Using the cameras to try and spy on people having sex? We won't know unless we get to watch them at work.

[1] Or, rather, "you", since I'm a USAian, not a citizen of the UK.
posted by sotonohito at 8:09 AM on January 2, 2008

I'm not sure that's a decent solution, I don't fool myself that that the protections which are also in the Data Protection Act in my country are particularly effective in controlling who has access to info but there's huge potential problems that could arise from allowing full access to all. It's effectively suggesting that the best way to address concerns about reductions in privacy is to have no privacy whatsoever.
posted by biffa at 9:13 AM on January 2, 2008

Take heed, the country with the best privacy worldwide is the one where cameras were illegally used to record participants in the massive recent demonstrations against the pension reforms, "to prevent possible crimes". The National Committee of Telecommunications and Post had ruled against the use of the cameras for reasons other than traffic surveillance and six or seven of its members handed in their resignation, causing a rebuke from the relevant EU board (European Data Protection Supervisor, I think).

The tapping scandal wasn't investigated this year, the government can't decide what should be done with the privacy of alleged criminals, hidden cameras are used despite repeated rulings against them and a person from the Prime Minister's office refuses to give information on a case that reeks of economic scandals, claiming confidentiality of his sources as a journalist, despite his being a politician. And you know how banks et al. won't stop calling you to sell you stuff.

If that's the best privacy in the world, I feel sorry for the rest of you. It's mainly incompetence that hinders us from being lower on the list; don't feel bad for your country.

Are you reading this?
posted by ersatz at 9:20 AM on January 2, 2008

These watchers seem about as intelligent as the television-watching public here in the US. Spying on the private lives of Americans and Brits? BORING. I can't blame them, on the other hand, for not spying on Canadians very much (EVEN MORE BORING) but I wonder if they'd find more interesting viewing if they peeked into the homes of, say, Argentinians. I'll bet Argentinians lead pretty interesting lives. Especially out on the Pampas.

Also, I'm happy to see that Malta is being monitored more, and would like to see updates when I'll be able to watch the everyday lives of Maltese people as streaming video. I am willing to pay more if it involves falcons.
posted by koeselitz at 12:48 PM on January 2, 2008

biffa : In a public setting, such as on the street, people don't have any privacy whatsoever. Whether its the elite few employed by the state to look through the cameras, or whether its anybody who feels like it, if you live in a place where there are cameras monitoring the street you don't have any privacy on the street. I argue that we're better off if the cameras are acknowledged, and that you and I can look through them too, instead of making them the secret property of the police.

Mind you, we've never had any privacy in public spaces, that's why they're called "public spaces". You walk down the street and people can look at you, they can hire private investigators to follow you, etc. That was true in Ur and its true today. You want privacy, get off the street.

Which is why, from my POV, the real question is: will the cameras be a closed little racket, nothing but a tool of the state, and will they point one way only (ie: from them to us)? Or, given that the cameras will be there regardless, can we actually make use of them, and can we point a few at the watchers?
posted by sotonohito at 3:37 PM on January 2, 2008

If you'd rather have an unencrypted connection then use an unsigned certificate

I wouldn't, but Joe User doesn't know https from shit, and actually *would* rather. Most of the management I deal with at work, for instance. Of course it still works. They don't care, they don't want "this box." This is a financial organization, so they're all very paranoid about "security violations." Of course, none of them are competent to evaluate real security, and so, you end up with an unencrypted connection instead of a self-signed encrypted one for certain things, since it would cost too much to have a CA-signed cert... anyway.

Also, unsigned/self-signed certs leave one vulnerable man-in-the-middle attacks, however rare it might be. At least you've got a 3rd party saying "yes, this is really whoever.com." If I were running a business, I would buy the signed-cert.
posted by synaesthetichaze at 3:44 PM on January 3, 2008

(The cake is a lie!)
posted by Dave Faris at 10:28 AM on January 7, 2008 [1 favorite]