Read: China’s surveillance state should scare everyone.
License-plate readers are smart cameras arched covertly on traffic lights above busy intersections in cities including Oakland and Los Angeles. The cameras take photos of license plates, automatically tagging them with time stamp and location, then upload them to a database of more than 2 billion images dating back several years. Eighty million new photos are quietly uploaded to Vigilant’s database each month.
Documents reveal that Department of Human Assistance investigators accessed the database more than 1,000 times from June 2016 to July 2018. Investigators could configure the database to track one license plate over time or, in what Vigilant calls “stakeout” mode, to list all license plates seen in a specified location. It’s not clear how either configuration aided the investigative process, but applicants through the state’s CalWORKS program have asset ceilings, limiting them to $2,250 in their bank accounts. Investigators hoping to ferret out fraud might be interested in knowing where those on public assistance go.
But it’s not just welfare recipients who are being tracked, and it’s not just in physical space. A 2017 report from CBC News found that the Canada Revenue Agency, the CRA to our IRS, has begun to scan the Facebook and Instagram accounts of high-income citizens they suspect of committing tax fraud.
People unknowingly incriminate themselves on social media all the time. In 2015, the San Francisco Police Department assigned a dedicated “Instagram officer” to scan social media for suspects posing in photos with stolen goods, violating house arrest, and the like. Savvy companies are already moving to automate social-media screening for fraud prevention. A 2015 patent from Intuit, the makers of TurboTax, would also use social media to detect fraudulent tax filings, potentially even “notifying authorities” of fraud if discrepancies are noted.
Surveillance for the purpose of fraud detection will likely evolve much in the same way as any other form of “smart” surveillance: First, it will be partially automated, then fully automated, then persistent and even predictive. Visa and Mastercard are already investing in start-ups touting continuous behavioral biometrics, fraud-detection technology that measures the way people use their devices: how they scroll, their reading pace, the angle at which they hold their phone, etc. If the technology detects a user abruptly changing these unconscious cues while accessing a mobile banking account, the transactions may be flagged as suspicious.
But as with other types of anti-fraud surveillance, this kind of monitoring reveals much more information than intended. The data from unconscious movements—mouse clicks, trips to the grocery store, a shared photo someone thought only friends would see—can be used in many different ways. Researchers in a 2017 study analyzed the mouse movements of Bing users searching for symptoms related to Parkinson’s disease. They were able to use cursor movements to infer tremors—subtle, involuntary shaking motions associated with neurodegeneration. They ultimately found correlations between mouse tremors and the severity of the disease, presumably before any user had a formal diagnosis.