Abstract
This chapter discusses the political relevance of ICT-architecture through a review of recent developments in the Netherlands, involving the bumpy introduction of a national smart card for public transport and the plans for electronic traffic pricing based on actual road usage of individual cars. One of the underlying themes is the centralised or decentralised storage of privacy-sensitive data, where centralised informational control supports centralised societal control.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsNotes
- 1.
At least in the Netherlands; the situation in other countries may vary, but the differences are not essential at this stage.
- 2.
See for instance http://datalossdb.org/for an overview.
- 3.
Which, for simplicity, are treated here as one organisation.
- 4.
It seems to be a new trend to use ecology, instead of terrorism, as argument to undermine privacy.
- 5.
Which are quite unnecessary actually, because the travel companies show no inclination whatsoever to delete any transaction data; the tax office even requires that these data are stored for seven (!) years.
- 6.
The responsible company Translink claimed (afterwards) it had noticed the event as a mismatch of balances but had decided not to respond because one cent did not look like serious fraud. Hence the journalist could travel for a couple of days with the adapted card, until the manipulation was made public. Not everyone was amused. A similarly manipulated (Oyster) card was used earlier in London to demonstrate that free rides are possible.
- 7.
It did result in some additional delays, and in the development of a migration plan.
- 8.
See Jacobs and de Jonge (2009) for a more accessible account.
- 9.
Like at spamgourmet.com.
- 10.
Such an address-blinding service is not something only postal services can do; anyone can do it by acting as distribution center oneself. However, this may involve double postal charges.
References
Brands, S. 2000. Rethinking public key infrastructures and digital certificates: Building in privacy. Cambridge: MIT Press. Also available online at www.credentica.com.
Cho, A. 2008. University hackers test the right to expose security concerns. Nature 322 (5906): 1322–1323. Also available online at http://www.sciencemag.org/cgi/reprint/322/5906/1322.pdf.
European Commission. 2009. Commission recommendation on the implementation of privacy and data protection principles in applications supported by radio-frequency identification. 12 may 2009. C(2009)3200 final.
Garcia, F., G. de Koning Gans, R. Muijrers, P. van Rossum, R. Verdult, R. Wichers Schreur, and B. Jacobs. 2008. Dismantling MIFARE classic. In Computer security—ESORICS 2008, eds. S. Jajodia and J. Lopez, 97–114. Lecture Notes Computer Science, vol. 5283. Berlin: Springer.
Garcia, F., P. van Rossum, R. Verdult, and R. Wichers Schreur. 2009 Wirelessly pickpocketing a mifare classic card. In 30th IEEE symposium on security and privacy (S&P 2009), 3–15. Oakland: IEEE.
Jacobs, B. 2009. Keeping our surveillance society non-totalitarian. Amsterdam Law Forum 1 (4): 19–34. Also available online at http://ojs.ubvu.vu.nl/alf/article/view/91/156.
Jacobs, B., and W. de Jonge. 2009. Safety in numbers: Road pricing beyond ‘thin’ and ‘fat’. Thinking Highways 4 (3): 84–87 (Sept./Oct. 2009).
de Jonge de, and B. Jacobs. 2009. Privacy-friendly electronic traffic pricing via commits. In Formal aspects in security and trust, eds. P. Degano, J. Guttman, and F. Martinelli, 143–161. Lecture Notes Computer Science, vol. 5491. Berlin: Springer.
de Koning Gans, G., J.-H. Hoepman, and F. Garcia. 2008. A practical attack on the MIFARE classic. In 8th smart card research and advanced application conference (CARDIS 2008), eds. G. Grimaud and F.-X. Standaert, 267–282. Lecture Notes Computer Science, vol. 5189. Berlin: Springer.
Le Métayer, D. 2010. Privacy by design: A matter of choice. This volume.
Lessig L. 2001. The future of ideas. Vintage. Knopf Doubleday Publishing.
Nohl, K., D. Evans, Starbug, and H. Plötz. 2008. Reverse-engineering a cryptographic RFID tag. In 17th USENIX security symposium, 185–94. San Jose, CA. USENIX Association, see http://www.informatik.uni-trier.de/~ley/db/conf/uss/index.html
Nohl, K., and H. Plötz. 2007. Mifare, little security, despite obscurity, Dec. 2007. Presentation on the 24th Congress of the Chaos Computer Club. Berlin. see http://events.ccc.de/congress/2007.
Verheul, E. 2001. Self-blindable credential certificates from the Weil pairing. In Advances in cryptology—ASIACRYPT 2001, ed. C. Boyd, 533–550. Lecture Notes Computer Science, vol. 2248. Berlin: Springer.
Acknowledgements
Thanks to Wouter Teepe for his critical reading of an earlier version.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 Springer Science+Business Media B.V.
About this chapter
Cite this chapter
Jacobs, B. (2010). Architecture Is Politics: Security and Privacy Issues in Transport and Beyond. In: Gutwirth, S., Poullet, Y., De Hert, P. (eds) Data Protection in a Profiled World. Springer, Dordrecht. https://doi.org/10.1007/978-90-481-8865-9_18
Download citation
DOI: https://doi.org/10.1007/978-90-481-8865-9_18
Published:
Publisher Name: Springer, Dordrecht
Print ISBN: 978-90-481-8864-2
Online ISBN: 978-90-481-8865-9
eBook Packages: Humanities, Social Sciences and LawLaw and Criminology (R0)