More on Google, Security, and Michael Gianaris
If you’ve read my other blog, you saw that I’d commented on a local (to me) NY state assemblyman’s efforts to urge Google to censor sensitive sites. I’d also emailed him a few weeks prior to that post, and perhaps thanks to some wider coverage, I’ve finally gotten a response — an email (printed below), which I followed up with a phone call* to further discuss the issues and confirm that he doesn’t mind my publishing his email.
My summary of the conversation is that I think he understands the issues a bit more than it appeared in the original news article a month ago, though I think he somewhat mischaracterized my comments in his email. And he seems somewhat receptive to the ‘open society’ issues I and others have raised. He told me that he mostly wants to create a dialog between Google, DHS, and local law enforcement, to possibly protect only the most sensitive sites (power plants, etc..) and to have Google help put pressure on map providers if necessary, to which I can only say that dialog is generally a good thing, but censorship is generally a bad idea.
[Personally, I think the federal government already has quite a bit of leverage on the providers, both in aerial and satellite realms, as the government is a big paying client, supporter, and regulator. And I'd be surprised if Google hasn't already talked to the government, though perhaps not at the local levels.]
I still contend that such censorship, if it happens at all, should happen at the source — better to avoid getting Google in the habit of censoring US data, or it will soon lead to "please censor my house — signed, Barbara" and more importantly, it will lead to all-too-common censorship of places where the government or industry hasn’t served the public interest or safety — less about our security and more about theirs — job security for government officials, and perhaps financial security for companies who might claim a need to censor their way out of public oversight.
Anyway, without further repeating myself, here is his response to my initial letter (and perhaps my blog post):
June 8, 2007Dear Avi, <>
Thank you for contacting me regarding my efforts to increase responsibility among corporations that operate satellite imaging programs. <>
I regret that it has taken so long to respond but please be assured I appreciate your thoughts and your offer to provide me with additional information concerning satellite imaging. <>I thought it important to clarify some of my specific concerns to avoid any misunderstandings about my position. First, my communication with Google and other satellite mapping services relates only to facilities that are *_not_* clearly visible from public streets, such as power plants, airports, chemical storage facilities and the like. Generally speaking, a passerby on the street will only be able to view a perimeter fence at these locations. Satellite images, however, reveal a detailed layout of the various buildings and infrastructure contained on the other side of that fence, potentially facilitating an attack with information that is not easily obtainable otherwise.
<>Indeed, your contention that “there’s nothing stopping a would-be terrorist from taking these pictures himself” is simply mistaken. A recent WABC-TV investigative report revealed numerous installations where an individual with a camera was prohibited by security personnel from taking photos of these sites, only to have the exact same photos and satellite images available through internet mapping services. In short, these services provide information that is either not available elsewhere or even strictly prohibited as a result of security concerns.
<>Further, while I recognize that many of these images are available for purchase from services other than Google, those services do not provide the information in question in such an accessible and anonymous format. There is value in requiring one interested in satellite images of sensitive infrastructure to leave a paper trail in the form of a credit card order – something that the free mapping services do not necessitate.
I also believe Google bears a special responsibility as the industry leader in this field. It is likely that a new security policy from Google will lead others to follow suit with similar policies of their own.
<>In short, I appreciate the value of satellite mapping services available through the internet. I use them myself on a regular basis and do not intend to affect their availability in any way. My concerns are extremely limited to those few and rare infrastructure sites for which the information obtainable on the internet is not otherwise available in such an accessible manner. Even for those images, I am only requesting that the images not be as crystal clear as they would otherwise be. I do not believe this is a serious imposition on Google or any comparable service, but I do believe that it would help provide some measure of additional security at a crucial time for our country. <>
Again, thank you for your thoughts and comments and I look forward to being in touch. Please be assured that I will continue to advocate for a safer New York while always working tirelessly to ensure that our right to privacy remains intact as well. <>
I appreciate your taking the time to inform me of your views on this important issue. If you have further thoughts on this or any other matter, please feel free to contact my office. <>
Sincerely yours, <>
MICHAEL N. GIANARIS
<> Member of Assembly
And here’s my reply, just sent an hour ago:
Dear Mr. Gianaris,Thank you for responding. Just to be clear, we are talking about two different technologies which may sometimes get confounded: Google Street View takes pictures from a moving car at street level vs. Google Earth/Maps, which use planes and satellites to take pictures from overhead. Both have been labeled "terrorist-enabling" recently.
In terms of my comment that terrorists could take these pictures themselves, terrorists could emulate any picture in Street View with (if they’re minimally careful) no suspicion raised. Terrorists could also take pictures from rooftops to peer into sensitive sites, like power plants, far beyond what they could see from the street. Terrorists could even charter a plane or helicopter to recreate most city views from Google Earth or Maps, but as you say, with more suspicions raised and more evidence left behind (given for-hire aerial survey companies, they need not be in the plane themselves).
However, chartering a plane is not necessary, and the level of evidence left behind when simply purchasing a map on-line is not significantly greater than the evidence one leaves behind when using Google Earth — some of it useful forensically, but not pro-actively, unless you have access to a potential terrorist’s communications before they do anything. Basically, all one needs is a credit card and an identity — and we’ve seen that is no problem. The 911 hijackers were even in the US legally, using their real names as far as I’m aware.
The maps one can buy are also fairly large in area. It would be difficult to order, say, a close up of a power plant and thereby tip off the map seller to suspicious activity. But obtaining a hi-res picture of Queens is easy, and there should be no suspicion raised if individuals buy such maps simply because they love the place.
It sounds like you are suggesting that map sellers could report people who purchase certain maps, which would be unfortunate, IMO, for an open society. But if the map sellers are willing to cooperate in this or any manner, then it should be trivial to get them to censor the imagery before Google ever obtains it. And that’s where censorship should happen, if at all.
However, the more important point I want to stress is that the censorship is actually counter-productive. Seeing a censored area lets someone know that it is vulnerable. And what really should be done is to protect that area from direct observation and penetration. As I mentioned on my blog, the military protects missile silos from view, not with letters to Google, but by disguising or camouflaging the sites.
Now, in my opinion, it is appropriate to ask Google to update their imagery if and when sensitive sites are later protected, such that they only show the current version, not the old version that showed the previous vulnerability. That’s totally reasonable, because it better reflects reality. But censorship, to be effective, should happen at the source, either at the map provider, or ideally by protecting the site itself.
The real danger of censorship, which I want to stress, is that it lets the government cover up in places where it has failed to do its job rather than fix the problems directly. Google Earth is a great tool for democratic oversight, which, in an era of Nixonian malfeasance in Washington, is more important than ever.
Best,
Avi
One afterthought. Something that bugged me about my conversation with Mr. Gianaris is that he seemed to believe that the folks at Google Earth hadn’t thought much about security and terrorism. And while there may be local details they’re not aware of, I want to make it perfectly clear that everyone I know that worked or now works on GE understands the value of spatial intelligence very clearly and what the issues are.
The original super-computer technology that lead to Google Earth was in large part borne from the US mission to spy (for lack of a better word) on the rest of the world, dating all the way back to the Keyhole satellite (hence the original name of the company). The founders of the company have, at various times, worked on undisclosed projects, and one of them even worked overseas for the US government in an undisclosed capacity.
These people absolutely understand the value of good spatial intelligence — to all sides — and I’m confidant they can weigh the issues while preserving our democratic values as well as Google’s ethical, legal, and customer-oriented responsibilities as a private-but-publicly-owned company.
There simply is no technology in existence that does not have both good and bad uses: computers, cell phones, cars. Since terrorism is still relatively rare, and since the positive uses of this technology are beneficial upwards of 99.99999% of the time, there really is no effective benefit to be gained from forcing would-be terrorists to use someone’s credit card to see a hi-res map of some power plant vs. seeing it for free.
In other words, if catching a terrorist requires forcing them to buy maps vs. see them for free, then we need to develop much better law enforcement mechanisms. I can understand why government forces seek every edge they can get in catching would-be terrorists. But they really should concentrate on the ones that work, vs. the ones that diminish the very society we’re all trying to protect.
Update: see my personal blog entry on my easy experience purchasing an uncensored version of content that is currently censored on Google Earth.
_________
*humorously, my cell phone was cut off after five loud beeps as we were discussing issues of terrorism and surveillance. I wonder if I’m now on some sort of watch list…
Avi,
I am sure that the folks at Google Earth understand the value of spatial intelligence and are working hard to balance the competing interests involved. However, I also believe that, with the possible exception of a few politicians, most government officials who have expressed concerns about the technology’s security implications are also trying to balance those same competing interests and not simply looking for a way to impose censorship.
Kevin,
I agree that *most* government officials are simply looking for easy ways to reduce risks. My complaint is that sometimes there is either no way to reduce a particular risk, or the best way is the harder way.
In this case, the easy way is to goad google, because they’re so big and it would have the most effect if they did what you want. The better way is to censor the actual imagery they get, so that it’s censored everywhere, not just from one outlet. The best way is to actually protect the sites. And in this, there are no shortcuts, because if a site is hit, people won’t give you credit for having censored the imagery. If you read my personal blog at BrownianEmotion.org, I showed how easy it really is to get around censorship in Google Earth.
The only people censorship really affects are casual users, who are not determined to obtain the intelligence. And catching people using credit cards only works if you’re looking, and are willing to investigate 99.99999% of normal uses.
That’s actually not a good use of our law enforcer’s very limited resources either, just as pervasive spying isn’t.
we want to know the more details about the google earth ’s inside content .could you give us some!
Please go on the topic :” HOW GOOGLE REALLY WORKS”
please…
Peter, see my post today about why it’s unlikely.