Category Archives: Security

Papers from “Where’s the Value? Emerging Digital Economies of Geolocation” session

The written texts from the AAG panel session I co-organized with Agnieszka Lesczczynski entitled “Where’s the Value? Emerging Digital Economies of Geolocation” are now available. The panelists were Elvin Wyly (UBC), Rob Kitchin (National University of Ireland at Maynooth), Agnieszka Leszczynksi (University of Birmingham) and Julie Cupples (University of Edinburgh).

Two were posted to blogs (linked below) and two are reproduced below. Although I posted links to a couple of these previously, this blog entry collects them all. (Two panelists, Sam Kinsley and David Murakami Wood, were regrettably unable to attend.)

Thanks again to all!

~ ~ ~

Elvin Wyly: “Capitalizing the Records of Life” (see below)

Rob Kitchin “Towards geographies of and produced by data brokers

Agnieszka Leszczynski “What makes location valuable? Geolocation as evidence, meaning, & identity” (see below)

Julie Cupples “Coloniality, masculinity and big data economies

And here again is the audio from the session.

~ ~ ~

“Capitalizing the Records of Life”
Elvin Wyly, UBC

Let me begin with a confession.  I did some homework reading the cv’s of my colleagues on this panel, and this is where I found the answer to our central question, “Where’s the value in the emerging digital economies of geolocation?”  I.  Am.  In.  Awe.  It’s here, right here, right now, in the intersecting life-paths of extraordinary human geographers coming together to share the results of labor, creativity, critical insight and commitment.  Julie Cupples’ work on decolonizing education and geographies of media convergence intersects with Agnieszka Lesczynski’s inquiry into the gendered dimensions of the erosion of locational privacy and the “new digital spatial mediations of everyday life,” and Sam Kinsley’s ‘Contagion’ project on the movement of ideas through technologically mediated assemblages of people, devices, and algorithms.  David Murakami Wood’s Smart Cities project and editorial assemblage in the journal Surveillance and Society respond directly to the challenges and opportunities in Rob Kitchin’s (2014) call in The Data Revolution for “a more critical and philosophical framing” of the ontology, epistemology, ideology, and methodology” of the “assemblage surrounding” the production and deployment of geolocational data.  And many of these connections have been the subject of wise anticipatory reflections on Jeremy Crampton’s Open Geography, where the adjective and the verb of ‘open’ in the New Mappings Collaborative give us a dynamic critical cartography of the overwhelming political and knowledge economies of spatialized information.

As I read the cv’s of my panelists, it became obvious that the value of a record of a life — that’s the Latin curriculum vitae — is the new frontier of what James Blaut (1993) once called The Colonizer’s Model of the World, and what Kinsley (2014) has diagnosed as “the industrial retention of collective life.”  Smart cities, the social graph, the Internet of Things, the Quantified Self, the Zettabyte (270 bytes) Age analyzed by Kitchin:  all of this signifies a new quantitative revolution defined by the paradox of life in the age of post-humanist human geography.  In the closing lines of Explanation in Geography, David Harvey announced “by our models they shall know us” — a new generation of human geographers bearing the models and data of modern science; today, it’s the algorithms, models, and corporations that arrive bearing humans — millions and billions of them — whose curricula vitae can be measured, mapped, and monetized at scales that are simulteneously perrsonalized and planetary.  Facebook alone curates more than 64 thousand years of human social relations every day (four-fifths of it on mobile devices and four-fifths of it outside the U.S. and Canada) and LinkedIn CEO Jeffrey Weiner (quoted in MarketWatch, 2015) recently declared, “We want to digitally map the global economy, identifying the connections between people, companies, jobs, skills, higher educational organizations and professional knowledge and allow all forms of capital, intellectual captial, financial capital, and human capital to flow to where [they] can best be leveraged.”

Capitalized curricula vitae, however, are automating and accelerating what Anne Buttimer once called the ‘dance macabre’ of the knowledge economies of spatialized information, because the deceptively friendly concept of ‘human capital’ is in fact a deadly contradiction:  capital is dead labor, the accumulated financial and technological appropriation of surplus value created through human labor, human creativity, and human thought.  Buttimer’s remark about geospatial information being “a chilly recording by a detached observer, a hollow rattle of bones” hurt — because this is what she said in a conversation to the legendary time-geographer Torsten Hägerstrand, who in the 1940s spent years with his wife Britt in the church-register archives of a rural Swedish parish to understand “a human population in its time and space context.  Here’s what Hägerstrand (2006, p. xi) recalls:

 “[We] worked out the individual biographies of all the many thousands of individuals who had lived in the area over the last hundred years.  We followed them all from year to year, from home to home, and from position to position.  As the data accumulated, we watched the drama of life unfold before our eyes with graphic clarity.  It was something of stark poetry to see the people who lived around us, many of whom we knew, as the tips of stems, endlessly twisting themselves down in the realm of times past.”

Hägerstrand wrote that he was disturbed and alarmed by Buttimer’s words, and I am too, because Allan Pred (2005, p. 328) began his obituary for Hägerstrand by quoting Walter Benjamin, emphasizing that it is not only knowledge or wisdom, but above all real life — “the stuff stories are made of” — which “first assumes transmissible form at the moment of …death.”  But just as “every text has a life history” (Pred, 2005, p. 331) that comes to an end, now Allan Pred’s curriculum vitae has also assumed transmissible form of the market-driven, distorted sort you can track through the evolving Hägerstrandian time-space prisms of the digitized network society.  Hägerstrand is dead, but he has a Google Scholar profile that’s constantly updated by the search robots, and the valorized geolocatable knowledge of his citations put him in a dance macabre of apocalyptic quantification:  he is “worth” only 1.093 percent of the valorization of another dead curriculum vitae, that of Foucault, who’s also on Google Scholar.  The world is falling in love with geography, but we don’t need more than just a few human geographers to do geography, thanks to the self-replicating algorithms and bots of the corporate cloud of cognitive capital.

The geolocatable knowledge economy is thus a bundle of contradictions and the endgame of the organic composition of human capital.  Human researchers spending years in the archives to build databases are now put into competition with the fractal second derivatives of code:  how do I balance my respect and reverence for our new generation of geographers screen-scraping APIs and coding in R, D3, Python, and Ruby on Rails without giving up what we have learned from the slow, patient, embodied labor of previous generations working by hand?  I see the tips of stems, not just in Hägerstrand’s small Swedish parish, but right here, in this room.  Tips of stems, endlessly twisting down in the realm of times past — but in today’s times where each flower now faces unprecedented competition in every domain:  jobs, research support, academic freedom, human care, human recognition, human attention.  Tips of stems, endlessly twisting through time-spaces of a present suffused with astronomical volumes of geographical data in what the historian George Dyson (2012) calls the “universe of self-replicating code.”  Tips of stems, tracing out an entirely new ontology of socio-spatial sampling theory defined by the automated mashup analytics that now combine Hägerstrand’s time-space diagrams with Heisenberg’s observational uncertainties, Alan Turing’s (1950) ‘universal machine,’ and Foucault’s archaeology of knowledge blended with Marx’s conception of the “general intellect” and Auguste Comte’s notion of the ‘Great Being’ of all the accumulated knowledge of intergenerational human knowledge, tradition, and custom.  Tips of stems, tracing lifeworlds of a situationist social physics that treats smartphones as “brain extenders” (Kurzweil, 2014) converging into a planetary “hive mind” (Shirky, 2008) while reconfiguring the observational infrastructures and human labor relations of an empiricist hijacking of positivism:  if Chris Anderson (2008) is correct that the petabyte age of data renders the scientific method obsolete, then who needs theory?

We all need theory — we humans.  Theory is the intergenerational inheritance of human inquiry, human thought, and human struggle.  Let me be clear:  I mean no disrespect to the extraordinary achievements of the new generation of data revolutionaries represented by my distinguished panelists, and all of you who can code circles around my pathetic do-loop rusty routines in FORTRAN, Cobol, and SAS.  Tips of stems, twisting themselves down into the realms of human history:  take a look around, at one of the last generations of human geospatial analysts, before we’re all replaced by algorithmic aggregation.  Yesterday’s revolution was humans doing quantification.  Today’s revolution is quantification doing humans.


Anderson, Chris (2008).  “The End of Theory:  The Data Deluge Makes the Scientific Method Obsolete.”  Wired, June 23.

Blaut, James (1993).  The Colonizer’s Model of the World.  New York:  Guilford Press.

Dyson, George (2012).  “A Universe of Self-Replicating Code.”  Edge, March 26, at

Hägerstrand, Torsten (2006).  “Foreword.”  In Anne Buttimer and Tom Mels, By Northern Lights:  On the Making of Geography in Sweden.  Aldershot:  Ashgate, xi-xiv.

Kitchin, Rob (2014).  The Data Revolution:  Big Data, Open Data, Data Infrastructures and Their Consequences.  London:  Sage Publications.

Kinsley, Sam (2014).  “Memory Programmes:  The Industrial Retention of Collective Life.”  Cultural Geographies, October.

Kurzweil, Ray (2014).  Comments at ‘Will Innovation Save Us?’ with Richard Florida and Ray Kurzweil.  Vancouver:  Simon Fraser University Public Square, October.

MarketWatch (2015).  “LinkedIn Wants to Map the Global Economy.”  MarketWatch, April 9.

Pred, Allan (2005).  “Hägerstrand Matters:  Life(-path) and Death Matters — Some Touching Remarks.”  Progress in Human Geography 29(3), 328-332.

Shirky, Clay (2008).  Here Comes Everybody:  The Power of Organizing Without Organizations.  New York:  Penguin.

Turing, Alan M. (1950).  “Computing Machinery and Intelligence.”  Mind 59(236), 433-460.


~ ~ ~

“What makes location valuable? Geolocation as evidence, meaning, & identity”
Agnieszka Lesczcynski, University of Birmingham

I want to invert the question that Jeremy and myself posed to the panel when organizing this session by asking, rather than ‘where is the value’ in geolocation, what is it that makes geolocation valuable? In contending that there are particular kinds of economies emerging around location, it is because geolocation itself is somehow intrinsically valuable, and I’d like to make some preliminary propositions to this end.

Over the last few years I have been particularly interested in the ways in which emergent surveillance practices of the securities agencies, made broadly known to us through the as yet still-unfolding Snowden revelations, are crystallizing around big data – its collection, mining, interception, aggregation, and analytics. And specifically, I’m particularly interested in the ways in which locational data is figuring as central within these emergent regimes of dataveillance. Indeed at the close of 2013, Barton Gellman and Ashkan Soltani, reporting in the Washington Post, identified at least ten American signals intelligence programmes or SIGADs that explicitly sweep up locational data – i.e., where location data is the target or object of data capture, interception, and aggregation.

  • Under a SIGAD designated HAPPYFOOT, the NSA taps directly into mobile app data traffic that streams smartphone locations to location-based advertising networks organized around the delivery of proximately relevant mobile ads, often unencrypted and in the clear. This locational data, which is often determined through mobile device GPS capabilities, is far higher-resolution than network location, allowing the NSA “to map Internet addresses to physical locations more precisely than is possible with traditional Internet geolocation services”
  • Documents dating from 2010 reveal that the NSA and GCHQ exploit weaknesses in ‘leaky’ mobile social and gaming applications that veil secondary data mining operations behind primary interfaces, piggybacking off of commercial data collection by syphoning up personal information including location under a signals intelligence program code-named ‘TRACKER SMURF’ after the children’s animated classic
  • In perhaps the most widely publicized example, the NSA collects over 5 billion cell phone location registers off of cell towers worldwide, bulk processing this location data through an analytics suite code-named CO-TRAVELLER which looks to identify new targets for surveillance on the basis of parallel movement with existing targets of surveillance – i.e., individuals whose cell phones ping off of the same cell towers in the same succession at the same time as individuals already under surveillance.
  • Just a few months ago, it was leaked that the CSE, or Canada’s version of the NSA, was tracking domestic as well as foreign travelers via Wi-Fi at major Canadian airports for up to two weeks as they transited through the airports and subsequently through other ‘nodes’ including other domestic and international airports, urban Wi-Fi hotspots, transport hubs, major hotels and conference centers, and even public libraries both within Canada and beyond in a pilot project for the NSA;
  • and, most recently, under a SIGAD code-named LEVITATION, the CSE has been demonstrated to be intercepting data cable traffic to monitor up to 15 million file downloads a day. Particularly significant in the leaked CSE document detailing this programme is that the CSE explicitly states that it is looking to location data to improve LEVITATION capabilities for intercepting both GPS waypoints and “[d]evices close to places” so as to further isolate and develop surveillance targets, including those carrying and using devices within proximity of designated locations.

So the question is, why geolocation? Why is it of such great interest to the securities agencies? And here I want to argue that it is of interest because it is inherently valuable, and uniquely so amongst other forms of PII. And this value is latent in the spatio-temporal and spatial-relational nature of geolocation data.

  • the spatio-temporal nature of many spatial big data productions means that it may be enrolled as definitive evidence of our complicity or involvement in particular kinds of socially disruptive events or emergencies by virtue of our presence, or as in the case of CO-TRAVELER, co-presence and co-movement, in particular spaces at particular times
  • furthermore, longitudinal retention of highly precise, time-stamped geoloational data traces allow for the reconstruction of detailed individual spatial histories, which like the CO-TRAVELER example, similarly participate within what Kate Crawford has recently characterized as emergent truth economies of big data in which data is truth;
  • the relational nature of spatial big data productions, in which our data may be used to discern our religious, ethnic, political and other kinds of personal affiliations and identifies on the basis of the kinds of places that we visit and the ability to establish linkages with other PII across data flows;
  • and, in this vein, the ways in which locations are inherently meaningful – for example, they may be as revealing of highly sensitive information about ourselves as our DNA. For instance, on the basis of the specialty of a medical office that we visit, this information may be revelatory of the fact that we may have a degenerative genetic disease and the nature of that disease – information that socially we otherwise understand as some of the most private information about ourselves.
  • and, of course, the ways in which location is not only revealing of identity positions, but it is identity – for example, a group of researchers determined that unique individuals could be identified form the spatial metadata of only four cell phone calls at a very high confidence level.

So in asking where is the value in geolocation, my take is that it is valuable – to both the intelligence apparatuses that I have highlighted here but also corporate entities – because it is uniquely sensitive – revealing and identifying – amongst other forms of PII.

~ ~ ~

Crypto-geographies and the Internet of Things

Secret codes have long fascinated people. According to Secret History, a new history of cryptology by Craig Bauer, who was Scholar-In-Residence at the NSA Center for Cryptologic History in 2011-12, cryptography predates the Greeks. Many of these ciphers were relatively simple by today’s standards, involving either transposition or substitution (respectively systems where the letters are moved but not replaced, and where the letters are replaced, eg., A is replaced by Z, etc).

The now fairly well-known Enigma machine, deciphered by British scientists at Bletchley Park (and the subject of many books and a couple of movies) is pictured above. This was a German system of ciphering, used by the German Nazi regime during WWII. Less well-known (but undeservedly so) are the decryptions by the NSA and its predecessor group (The US Army Signals Intelligence Service located at Arlington Hall, a former girl’s school in Virginia) of the so-called Venona traffic. Venona refers to the project to decrypt Soviet diplomatic communications with its agents in the USA and elsewhere. These encrypted messages often referred to codenames of American spies working for the Soviets during the war. With the help of investigations by the FBI the US government was able to identify many of these people, based on the partial decryptions. According to the NSA and most (but not all) historians, these included Julius and Ethel Rosenberg, Klaus Fuchs, and several serving OSS personnel.

The Soviets were tipped off to the fact that the US was decrypting their messages (probably by Kim Philby, the British spy who was posted to the US for a time), and stopped using their one-time encryption pads. Nevertheless the project to decrypt the messages continued until the early 1980s, eventually yielding about 2,900 partially decrypted messages. They remained a closely guarded secret long after their operational worth had dwindled, and it was only with the publication in 1987 of Spycatcher, by Peter Wright, a former British intelligence officer, that the project was referred to by its codename in public. (Publication of Spycatcher was embargoed by Margaret Thatcher’s government in the UK, but Wright succeeded in publishing it in Australia anyway.)

Some terms: “Cryptography” is the science (and art) of creating ciphers. “Cryptanalysis” is the effort of deciphering them without the key. “Cryptology” is both of these, to include the assessment of the security of a cipher, comparing ciphers and so on. The words are Greek from kryptos (κρυπτός) meaning hidden, secret.

Is there such a thing as cryptologic geographies? If not, could there be, and of what would it consist? In other words, are there (non-trivial) geographies of encryption? Here are some ideas.

One of my earliest ideas of this was a geography of https, the secure version of web-browsing (now coming into vogue but still greatly variable). The New York Times recently laid down a challenge to make https default by the end of 2015 if other media companies would do the same. This is non-trivial, because if encrypted messages are more secure than non-encrypted ones, then the latter will reveal weaknesses in the internet. These weaknesses could be exploited. Second, if you are sending emails and other communications over the internet in non-encrypted form, then this is easier for governments to intercept and monitor.

And this is not just to do with messages you write, but also other parts of the personal datastream. For example, your location. What if you could record, but encrypt your geolocation to take advantage of services offered by apps (eg Google Maps) in such a way that they could not be intercepted, decrypted and exploited by third parties (including the government)? Would this mean that the web and internet would “go dark” as officials warn? And would criminals and terrorists be afforded protection in those dark spaces? That was certainly the message of the Attorney General and the FBI Director a few days ago in response to plans by Apple and Google to implement better encryption. AG Holder:

said quick access to phone data can help law enforcement officers find and protect victims, such as those targeted by kidnappers and sexual predators.

Justice Department officials said Holder is merely asking for cooperation from the companies at this time.

And how universal would this advantage to users, potential criminals and law enforcement be? And would those places where one of these had an advantage necessarily overlap with the others? That is, what would be the differential access to encryption from place to place or group to group–a digital divide of encryption?

Is there a political economy of encryption? Who are the companies and individuals working on encryption in the commercial sector? To what extent is there movement between the private and public sectors of both cryptology expertise and personnel? Further, to what extent is there better crypotography in the government and intelligence community than there is in the commercial sector? What are the implications of allowing backdoors to encryption algorithms that can “only” be broken by the government but not by third parties? (I’m thinking here of the well-known proposal in the 1990s for the “Clipper Chip” which allowed just such a backdoor for the NSA but was met with such opposition that it was not implemented.) Is such a backdoor safe from third party hacking, and if so, for how long? (And what is an acceptable definition of “safe” here?). A geographical analysis of these questions would imply some access to where and who has installed the systems in question, which might be provided by basic research efforts such as those carried out at the Oxford Internet Institute by Mark Graham and his colleagues.

Do other computer systems have vulnerabilities? That is, ones without designed-in backdoors? If so, where are they? When it comes to exploits and vulnerabilities, what are the implications of announcing them vs. hoarding them (eg, so-called zero-day exploits)? Is there differential access to knowledge about exploits and vulnerabilities? Where? Again, who makes money off this? What is the crypto- value-chain?

Speaking of hacking; there are a huge array of secret attempts (and thus crypto- if not cryptologic) to break into, disrupt, or exploit systems (and an equally expansive range of countermeasures). The Department of Defense has estimated there may be up to 10 million hacking attacks per day. Most of these are probably automated scans, according to Adam Segal, a cybersecurity expert at the Council on Foreign Relations.

What systems are vulnerable to these exploits, and what exploits are being carried out? Here we could examine mundane events such as DDOS, where antagonists attempt to bring down a web server to deny its proper function, to more exotic events such as the US/Israeli Stuxnet virus meant to disrupt Iranian nuclear programs (but which had effects well beyond Iran once the virus was in the wild). (For more on this virus/worm, see the Stuxnet Dossier [pdf] compiled by Symantec.)

We often hear in the news that certain countries (Russia, China) are more responsible for intrusions and exploits than others, but I’m not aware of any detailed work on this sort of cryptogeography. The recent JP Morgan vulnerability affected more than 83 million US households (who? why?), according to the NYT, and actually included another 9 banks not previously reported. The NYT also said the attack was carried out by hackers having “at least loose connections with officials of the Russian government.” But that is a very imprecise and sketchy account. Just recently, a new poll showed bipartisan low levels of confidence among Americans in the “government’s ability to protect their personal safety and economic security.” Here government is arguably failing at its job of providing security. Ferguson and domestic homicides were mentioned specifically in the AP story. Do people feel threatened by the JP Morgan hacks, the Target and other breaches?

There is surely a whole economy of knock-on effects that result from this; so again, we can speculate about a political economy of crytogeographies.

What would a better map of hacking attempts look like? Security companies and telcos track these data, as for example in this map created by Norse which describes itself as “a global leader in live attack intelligence.” Who is this company? How do they earn their money? More importantly, what is the nature of this market sector more generally?

(Click for live version.)

The above map however is to a large extent a misrepresentation because it only shows attacks on their honeypots, not the entirety of the internet, or even the entirety of a particular region or network.

A similar visualization, again covering the globe by country, is offered by Kaspersky Labs.

(Click for live version)

These are not per se all that analytically valuable, although they are visually striking (if somewhat derivative).

What do these attacks do, and to whom do they do it? It would be interesting to do a geopolitical analysis of the Stuxnet worm here, which has received a fair amount of coverage. Stuxnet would make an interesting case study, although it remains to be seen how representative it is (being created by state actors against the nuclear capabilities of another state). As stated above, most attacks are undirected and opportunistic. A Congressional Research Services (CRS) Report on Stuxnet examined the national security implications of the attack, and of course there is a long history of the study of cyberattacks and cyberwarfare going back several decades. But I’m not aware that geographers have contributed to this literature in a geopolitical sense.

For some, these concerns are especially paramount in the context of smart cities, big data and automated (“smart”) controls–including the so-called smart grid and the Internet of Things (IoT). Take utilities and smart meters for instance. There are minimally two concerns–that hackers could access smart controls and take command of critical infrastructure, and second, that data held in smart meters may be legally accessible under surveillance laws by the government. Another CRS report in 2012 warned that current legislation “would appear to permit law enforcement to access smart meter data for investigative purposes under procedures provided in the SCA, ECPA, and the Foreign Intelligence Surveillance Act (FISA)”. Although we hear a lot about surveillance of phone and internet communications, there is as yet much less on surveillance of other big data sources. Luckily I have a paper coming out on that topic but needless to say much more needs to be done.

Cryptologic geographies would appear to be a fertile field for investigation. Broadly conceived to include geopolitical implications, big data, regulation and policy, governance, security, the Internet of Things, cybergeographies, and justice, there is a need for intervention here to both clarify our understanding, and intervene in policy and political debate. Certainly other scholars are already doing so (eg., Internet Governance Project paper on whether cyberwarfare is a new Cold War, pdf).

The mass of connected computer systems and devices known as the Internet of Things will surely only intensify issues of security, encryption and governance. The crypto-geographies of these are highly important to sort through. This post is an attempt to highlight what issues are at stake and to provide some initial ideas.

New paper: “Collect it all”

I’ve posted the final manuscript draft of a new paper at SSRN: “Collect it all: National Security, Big data and Governance.”

Here’s the abstract.

This paper is a case study of complications of Big Data. The case study draws from the US intelligence community (IC), but the issues are applicable on a wide scale to Big Data. There are two ways Big Data are making a big impact: a reconceptualization of (geo)privacy, and “algorithmic security.” Geoprivacy is revealed as a geopolitical assemblage rather than something possessed and is part of emerging political economy of technology and neoliberal markets. Security has become increasingly algorithmic and biometric, enrolling Big Data to disambiguate the biopolitical subject. Geoweb and remote sensing technologies, companies, and knowledges are imbricated in this assemblage of algorithmic security. I conclude with three spaces of intervention; new critical histories of the geoweb that trace the relationship of geography and the state; a fuller political economy of the geoweb and its circulations of geographical knowledge; and legislative and encryption efforts that enable the geographic community to participate in public debate.

Keywords: Big Data, privacy, national security, geoweb, political economy

Surveillance costs–new study

Shortly after the Edward Snowden revelations began in June 2013 I wrote a Commentary for Society and Space open site on the costs of security.

One of the issues I addressed had to do with the economic and other costs of surveillance:

What does the US actually pay? One attempt at an answer to this surprisingly difficult question was recently provided by the National Priorities Project (NPP). Their estimate was that the US national security budget was $1.2 trillion a year.

A new report by the New America Foundation has further explored the costs of surveillance in terms of lost business opportunities to US companies, US foreign policy and cybersecurity:

  • Direct Economic Costs to U.S. Businesses: American companies have reported declining sales overseas and lost business opportunities, especially as foreign companies turn claims of products that can protect users from NSA spying into a competitive advantage. The cloud computing industry is particularly vulnerable and could lose billions of dollars in the next three to five years as a result of NSA surveillance.
  • Potential Costs to U.S. Businesses and to the Openness of the Internet from the Rise of Data Localization and Data Protection Proposals: New proposals from foreign governments looking to implement data localization requirements or much stronger data protection laws could compound economic losses in the long term. These proposals could also force changes to the architecture of the global network itself, threatening free expression and privacy if they are implemented.
  • Costs to U.S. Foreign Policy: Loss of credibility for the U.S. Internet Freedom agenda, as well as damage to broader bilateral and multilateral relations, threaten U.S. foreign policy interests. Revelations about the extent of NSA surveillance have already colored a number of critical interactions with nations such as Germany and Brazil in the past year.
  • Costs to Cybersecurity: The NSA has done serious damage to Internet security through its weakening of key encryption standards, insertion of surveillance backdoors into widely-used hardware and software products, stockpiling rather than responsibly disclosing information about software security vulnerabilities, and a variety of offensive hacking operations undermining the overall security of the global Internet.

These may end up being upper bounds of the costs (and consequences), but they are very helpful in identifying what is at stake here. I haven’t read the whole report yet, but the executive summary is here (pdf).


CFP: Spatial Big Data & Everyday Life (AAG 2015)

Call for Papers: Spatial Big Data & Everyday Life
American Association of Geographers Annual Meeting
21-25 April 2015

Agnieszka Leszczynski, University of Birmingham
Jeremy Crampton, University of Kentucky
“What really matters about big data is what it does” (Executive Office of the President, 2014: 3).

Many disciplines, including the economic and social sciences and (digital) humanities, have taken up Big Data as an object and/or subject of research (see Kitchin 2014). As a significant proportion of Big Data productions are spatial in nature, they are of immediate interest to geographers (see Graham and Shelton 2013). However, engagements of Big Data in geography have to date been largely speculative and agenda-setting in scope. The recently released White House Big Data report encourages movement past deliberations over how to define the phenomenon towards identifying its material significance as Big Data are enrolled and deployed across myriad contexts – for example, how content analytics may open new possibilities for data-based discrimination. We convene this session to interrogate and unpack how Big Data figure in the spaces and practices of everyday life. In so doing, we are questioning not only what Big Data ‘do,’ but also how it is they realize particular kinds of effects and potentialities, and how the lived reality of Big Data is experienced (Crawford 2014).

We invite papers along methodological, empirical, and theoretical interventions that trace, reconceptualize, or address the everyday spatial materialities of Big Data. Specifically we are interested in how Big Data emerge within particular intersections of the surveillance, military, and industrial complexes; prefigure and produce particular kinds of spaces and subjects/subjectivities; are bound up in the regulation of both space and spatial practices (e.g., urban mobilities); underwrite intensifications of surveillance and engender new surveillance regimes; structure life opportunities as well as access to those opportunities; and/or change the conditions of/for embodiment. We intend for the range of topics and perspectives covered to be open. Other possible topics include:

• spatial Big Data & affective life
• embodied Big Data; wearable tech; quantified self
• algorithmic geographies, algorithmic subjects
• new ontologies & epistemologies of the subject
• spatial Big Data as surveillance
• Big Data and social (in)equality
• “ambient government” & spatial regulation
• spatial Big Data and urbanisms (mobilities; smart cities)
• political/knowledge economies of (spatial) Big Data

We welcome abstracts of no more than 250 words to be submitted to Agnieszka Leszczynski ( and Jeremy Crampton ( by August 29th, 2014.

Crawford K (2014) The Anxieties of Big Data. The New Inquiry.

Executive Office of the President (2014) Big Data: Seizing Opportunities, Preserving Values. The White House.

Graham M and Shelton T (2013) Guest editors, Dialogues in Human Geography 3 (Geography and the future of big data, big data and the future of geography).

Kitchin R (2014) Big Data, new epistemologies and paradigm shifts. Big Data and Society (1): In Press. DOI: 10.1177/2053951714528481.


Contractor receives $400K federal funds for automatic license plate reading

According to reporting by Bloomsberg News the IRS, the Forest Service and the U.S. Air Force’s Air Combat Command have awarded a contractor over $400,000 in contracts for its automated licence plate recognition (ALPR) system since 2009.

It’s not clear if the contracts to Vigilant Solutions are ongoing, given the context that Homeland Security dropped similar plans in February of this year following widespread opposition form civil liberties groups.

“Especially with the IRS, I don’t know why these agencies are getting access to this kind of information,” said Jennifer Lynch, a senior staff attorney with the Electronic Frontier Foundation, a San Francisco-based privacy-rights group. “These systems treat every single person in an area as if they’re under investigation for a crime — that is not the way our criminal justice system was set up or the way things work in a democratic society.”

Other countries (including the UK) have long had such systems in place.

If you go to the Vigilant website they have a long complaining blog post about the lies and distortions by civil liberties groups:

License plate readers are under siege nationwide, thanks to a well-funded, well-coordinated campaign launched by civil liberties groups seeking to take advantage of the growing national debate over surveillance. 

Unfortunately, the campaign led by the American Civil Liberties Union (ACLU) has deliberately clouded and even omitted those facts.

According to this article, Vigilant actually successfully used the First Amendment to overturn an anti license-plate recognition law in Utah:

Vigilant Solutions and DRN [Digital Recognition Network] sued the state of Utah on constitutional grounds, arguing that the law infringed on the First Amendment right to take photographs of public images in public places, a right that everyone in Utah shares.

The law was overturned, but Vigilant com,plains that state agencies were then barred from using any of the data collected, impacting their profits. They also complain about data retention limits.

What’s also interesting about companies such as this is that they illustrate the argument for understanding policing and military together (see this blog post by Derek Gregory for example).

Security and resilience


The journal Politics which is published by the Political Studies Association, has a new open access issue on resilience and security. The issue was edited by three people at Warwick University, James Brassett, Stuart Croft, and Nick Vaughan-Williams with whom I was not previously familiar.

I look forward to perusing this in detail soon, but it’s worth noting one thing here. The editors open by claiming there’s a kind of gap or slippage in how “resilience” as a concept is put into play (a productive gap they claim). As I noted earlier this year in reply to Mark Neocleous’s anti-resilience piece (with an open access follow-up in Society and Space here), if we are to make anything useful with the concept of resilience, then we need to understand how it can improve human well-being (as well as the related question of well-being for whom).

It looks on initial inspection as if the issue is more concerned with resilience than security, but it is good to see the two terms being put together. Pete Adey, Klaus Dodds and I have a cfp on (post)-security and sustainability that is relevant here. Despite the prevalence of “critical security studies” these three terms are rarely placed in conjunction.

(Via Stuart Elden)