28C3 - Version 2.3.5

28th Chaos Communication Congress
Behind Enemy Lines

Day Day 1 - 2011-12-27
Room Saal 3
Start time 21:45
Duration 01:00
ID 4813
Event type Lecture
Track Hacking
Language used for presentation English

Macro dragnets: Why trawl the river when you can do the whole ocean

What happens when data collection goes awry in the 21st century

As governments increase their data collection capabilities software developers are stepping up to both utilize and augment surveillance capabilities. DNA databases, facial recognition, behavioral patterning, and geographic profiling are all in use today. Police are crowdsourcing identification of suspects and citizens are willingly participating. This talk will cover real technologies in place today as well as educated speculation of what is coming next.

Conspiracy theorists have been questioning the degree to which anyone truly has privacy for quite some time. State ID & fingerprints have given way to electronic passports & DNA analysis. With the increasing number of DIY BIO groups it isn't outside the realm of speculation to see clandestine collection & generation of genomic information by a state actor. Police agencies are engaging in genomic data collection of suspects, witnesses, and victims with no guarantee of the information safety of those individuals. The current scope of laws in the United States limits "genetic discrimination" to "health insurance and employment decisions" with no limitations on the implication of guilt or agency in a crime at the federal level. Similarly companies are collecting photographs of individuals from online services and using them as the corpus for facial recognition techniques which are then leased to government actors.

The goal of this talk is to: Address the current vectors for public identification Discuss potential countermeasures for identification dragnets Analyze the role of genomic screening Review case studies of individuals trying to avoid "the system" and crowdsourced attempts to identify the individuals Imagine one was "erased" from these databases. How can one re-establish positive identification (and would they want to)?

Archived page - Impressum/Datenschutz