AMY GOODMAN: You’re listening to Pacifica Radio’s Democracy Now! I’m Amy Goodman.

Super Bowl fans never knew it, but police video cameras focused on their faces, one by one, as they streamed through the turnstiles in Tampa, Florida, last week. Cables instantly carried the biometric images to computers, which spent less than a second comparing them with thousands of digital portraits of known criminals and suspected terrorists. In a control booth deep inside the stadium, the police watched and waited for a match.

What’s the surveillance all about? And, well, what about the increasing monitoring of our lives, our internet surfing habits, medical records, following us perhaps by cellphone, intercepting email?

We’re joined by a number of experts to talk about it. Let’s begin with David Banisar of Privacy International.

What’s your reaction to the Super Bowl surveillance?

DAVID BANISAR: Well, from what we know, the police, in conjunction with the NFL and a couple of private companies, set up a video surveillance system, that wasn’t just your standard video cameras. These cameras actually had specialized software that were designed to identify people based on what their faces look like, and then compare those faces with a database of photographs. And they did this for several days, looking for people. And it appears that the only person that they were able to identify was a suspected scalper, who they then tried to chase down, and he had already left. So it doesn’t even seem like it was a particularly successful test. But nonetheless, they were scanning and keeping track of thousands of people simultaneously who had never done anything wrong.

AMY GOODMAN: Now, apparently, this was for a Massachusetts company that just wanted to test its technology so it can sell it to law enforcement around the country.

DAVID BANISAR: I mean, it’s all fine and well for them to test it, but they should get consent from people before they start secretly monitoring them. People going to the Super Bowl shouldn’t be their test-fed guinea pigs for doing this.

AMY GOODMAN: Mark Uncapher, you work for the industry trade group, Information Technology Association of America, in Arlington, Virginia. What’s your response?

MARK UNCAPHER: Well, it’s kind of hard for me to address. Obviously, I focus more on the online. Part of the challenge is to get consent in a manner that’s nonintrusive. That’s why, on the online world, we look to having technology tools that allow to kind of do automatic tracking of whether or not what a particular website meets a consumer’s privacy preferences. It’s kind of hard for me to comment on how you could possibly have gotten consent from 80,000-plus people. It does seem that we’re going to be able to do that in the online world using the technology of P3P, which will be incorporated in most browsers in fairly short order.

AMY GOODMAN: Jason Catlett, your group, Junkbusters, is concerned about privacy issues. What do you think about Super Bowl surveillance?

JASON CATLETT: Yeah, I track mainly the use of marketing data about people, and governments are a primary source of that. There have been some cases where, for example, supermarkets have gone out with men in white coats and written down the license plates of the cars of shoppers who shop in the supermarket and then look it up in government databases. And that, I think, is another example of how gathering of information without people’s consent is really unacceptable. And what is necessary is to have a law that requires institutions, such as the Super Bowl stadium, such as government agencies and such as direct marketers, to obtain the consent of people before collecting data about them.

AMY GOODMAN: Mark Uncapher, what about that issue of letting people know what’s happening?

MARK UNCAPHER: Sure. I think one of the things that we really ought to focus on is probably where the real consumer interest is. People care most about not so much the medium and the method that information is collected, but how information is used. And that’s why our laws tend to focus on the use of sensitive information, like financial and healthcare and information about kids. And that seems generally to be a kind of pragmatic way of addressing what does seem to be the primary public concern about how information is used, as opposed to how it’s collected.

AMY GOODMAN: David Banisar, your response?

DAVID BANISAR: Well, I mean, actually, our laws are possibly the worst on some of the most sensitive areas. Congress has recently passed a bill on financial privacy that has immense numbers of loopholes. And in many cases, consumers can’t even ask to be removed from lists that are being used by financial institutions. Medical records, after many, many years, the federal government just passed some regulations. They weren’t even able — the Congress wasn’t able to pass a law on this. And the regulations allow for hospitals and insurance companies and pharmacies and others to use your personal information to market you. They’re able to take your prescription information or your clinical information about some drug that you might be taking that could be very sensitive — something on AIDS or Viagra — and send you mail saying, you know, “Hey, you’re using Viagra. Why don’t you use BeHard instead?”

AMY GOODMAN: Can you tell us about some of the other forms of surveillance that you’re concerned about?

DAVID BANISAR: Well, I mean, technology is really driving a renaissance in surveillance. And it’s a very wide category of things, everything from — on the online world, there was just recently one of the major companies that sells switches started offering software that would allow internet service providers to watch every move that you do as you surf the net and then use that information for marketing purposes. There’s no consent involved there. There’s no P3P, which we think is a bit of a joke. We call it “pretty poor privacy,” wouldn’t help there. This is something that’s going on at the internet service provider level, and it’s being one completely secretly. Similarly, the FBI has a program called Carnivore —

MARK UNCAPHER: Is it actually being used now?

DAVID BANISAR: Pardon me?

MARK UNCAPHER: Is it actually being used now?

DAVID BANISAR: Not yet.

MARK UNCAPHER: OK.

DAVID BANISAR: As far as I know, they just started selling it.

JASON CATLETT: Well, actually, some ISPs, such as particularly the free ISPs, do in fact build up —

AMY GOODMAN: Jason Catlett of Junkbusters.

DAVID BANISAR: That’s a good point.

JASON CATLETT: Some ISPs, such as the free ISPs, do actually watch where people go and build up profiles. But that’s an unusual infrastructure. What this new company — what this company suggested doing was that it become a standard feature of internet service provision, that the user was monitored by name according to his surfing habits and targeted with advertising based on a profile assembled.

MARK UNCAPHER: But, Jason, I mean, actually, the free ISP is kind of a good example. Clearly there, there’s a very expressed bargain with consumers.

AMY GOODMAN: This is Mark Uncapher.

MARK UNCAPHER: This is Mark. You get —

AMY GOODMAN: Of Information Technology Association of America.

MARK UNCAPHER: You get free internet access service in exchange for getting a lot of pop-down ads and very focused marketing. That is, for consumers, a very conscious trade-off which they make. Obviously, clearly, a lot of consumers would prefer not to and opt to pay a certain amount per month. But it’s a consumer choice issue.

JASON CATLETT: Sure. And I’m happy for consumers to have that choice; however, they should have certain rights there, including the ability to see the profile that is developed and to have it deleted if they choose to terminate the service. They don’t have that right now guaranteed by U.S. law.

AMY GOODMAN: Jason Catlett of Junkbusters, what about other countries?

JASON CATLETT: Well, Canada recently passed a very strong, comprehensive privacy law, which gives people exactly those rights, the right to see the profiles and data that’s held by companies about them, to delete it, to correct it. It requires consent in many cases, and it limits collection to what the law puts in a rather vague term, what a reasonable person would consider appropriate in the circumstances. The law necessarily has to be vague. But I think that’s an important factor, because, otherwise, excessive data collection is legal. In other countries around the world, there are also strong privacy laws of that nature. And David Banisar has written a report on this topic, and he might like to comment.

AMY GOODMAN: David Banisar of Privacy International?

DAVID BANISAR: Well, I looked at what was going on in 50 countries. And about somewhere between 30 and 40 of the world’s major industrial countries already have some sort of comprehensive law in place that covers aspects of collecting information and giving consumers basic rights. Canada is one of the most recent examples, but also places like Chile, Argentina and Paraguay all have passed laws in the last year also. The U.S. is really the last major industrialized country in the world that doesn’t have — that doesn’t provide for basic consumer protections, that doesn’t provide for a baseline of protection for protecting your privacy. It really does rely either on very specific laws that protect your video rental records or your cable TV records, or, otherwise, on self-regulation by industry, which generally has not worked.

AMY GOODMAN: Mark —

MARK UNCAPHER: If I could — can respond to that, I mean, there is, in fact, a privacy regulatory system in the United States. It’s just different in that instead of being comprehensive, it focuses in specific sectoral areas where consumers are the most sensitive. So, whereas, say, the European laws affect whether or not you can store information on airline seat assignment preference, the U.S. laws focus — again, we can talk about the specifics of it, but the regulatory system focuses on the specific areas which I think we would all generally agree tend to be the most sensitive areas for consumers.

AMY GOODMAN: But, Mark Uncapher, doesn’t your trade association, the Information Technology Association of America, oppose these kind of privacy regulations?

MARK UNCAPHER: Well, our general position, we focus particularly on the internet, that consumers care about the information as opposed to the medium being used to collect the information. So, our sense is that there ought not to be any special rules that apply to the internet. You can collect just as much information, say, from when a consumer fills out a warranty card and drops it in the post and sends i in. So, our feeling — and probably this is one that Jason and David and I would all agree on — is that the rules ought to apply across the board and should not be exclusive just to a particular medium of collection.

AMY GOODMAN: David Banisar, could you explain the pen register warrant in Carnivore? Explain what it is, even for people who don’t use the internet.

DAVID BANISAR: Sure. Let me actually say one thing about the U.S. system. As I said before, it’s very ad hoc. There are — and it doesn’t just cover sensitive things. There are a variety of legislation that isn’t comprehensive at all — in some cases, like medical records and financial records, are not covered very well. But on the other hand, your video rental records are covered very well, because somebody pulled Bork, Supreme Court nominee Bork’s video rental records during his nomination process, so they actually passed a law on that. So, it’s hard to imagine almost a worse system than the United States, except in places maybe like China and Singapore, where they don’t have anything at all, because it is technology specific. It is your video rental. It is your cable TV. It is just your phone records. But it doesn’t cover anything related to the internet. And every time a new technology comes in, it’s not covered, because the way the laws are written, they don’t cover the broad scope of things. They don’t cover the information; they cover the technology in a lot of cases. And that’s a real problem.

On the issue of Carnivore, Carnivore is a FBI program. It’s basically something running on, more or less, a standard personal computer that they then take to an internet service provider and place on their system so that they can monitor the activities of some particular user. Now, there are a couple different standards for the warrants. When they’re supposed to be monitoring people’s email, they’re supposed to get a full court order, based on the Fourth Amendment, based on probable cause. But when they want to monitor somebody’s traffic, when they want to monitor what you’re browsing, when they want to monitor who you’re talking to, how long you’re online, they don’t actually have to get a real court order. They can get something called a pen register order. And a pen register is an old-fashioned machine that physically monitors a phone line to see what lines are — what phones you dial. So, if you call your friend Joe, it collects Joe’s phone number, but that’s it. They’re using this pen register warrant to collect information on where you’re browsing on the internet, which can be very sensitive information, if you’re visiting AIDS sites, if you’re visiting labor sites, if you’re visiting political sites of some bent that perhaps your boss or the FBI or whoever doesn’t like. That can be very sensitive information. And the kind of order they can get basically says, “We can do anything we want. We can collect this. And we don’t have to prove that you’re a criminal. All we have to do is prove that we’re interested in you because there might be some sort of potential case coming up.”

AMY GOODMAN: Are employers using email monitoring more and more?

DAVID BANISAR: It’s quite prevalent in the industry, it appears, these days. It’s being done at the server level. And this is another area where there are no legal protections. Employers are not even required to tell their employees that they’re doing the monitoring.

AMY GOODMAN: On that note, I want to thank you all for being with us. A very interesting conversation. David Banisar of Privacy International, your website?

DAVID BANISAR: It’s www.privacyinternational.org.

AMY GOODMAN: Jason Catlett of Junkbusters, yours?

JASON CATLETT: Www.junkbusters.com.

AMY GOODMAN: And Mark Uncapher of the trade association, Information Technology Association of America?

MARK UNCAPHER: Sure, www.itaa.org.

AMY GOODMAN: Thanks, all, for being with us.

DAVID BANISAR: Thank you.

JASON CATLETT: Thank you.

AMY GOODMAN: And you’re listening to Pacifica Radio’s Democracy Now! Back in a minute.