I didn't read the by line and assumed it was written by an optimistic undergrad. Then at the end I saw "By Richard Stallman". I must say I'm in awe of Mr Stallmans optimism and never give up attitude.
Is this a joke article? I mean, I kind of get saying that RMS had a role to play in GNU/Linux, but calling it Linux and then repeating again and again that he wrote it just sounds comical.
Still, it does establish the fact that he uses some alternative means of getting in. Good for him.
"When the Computer Science and Artificial Intelligence Lab (CSAIL) moved into Stata in 2004, the MIT administration decided, without consulting the personnel of CSAIL, to make the system log which cards are used to open which doors and when."
Who owns the building? MIT or the personnel of CSAIL? If the building's owner wants a log of who came in and out of the building is that really something Mr Stallman has the power to object to?
In universities power is typically a bit distributed. Ultimately a nonprofit corporation owns everything, overseen by a board of trustees. But the board doesn't do that much day-to-day management. Instead there is an administrative and departmental structure. Unlike in a company, it's usually slightly less clearly hierarchical: there is usually a President or Provost, but they usually have less power than a CEO (for example, their ability to hire & fire academic staff is significantly constrained). And there are other structures like departments, faculty senates, etc. which have independent power (varying by university).
My guess is that, in this case, nobody at a high level made a decision in the first place, but rather a mid-level organization like MIT security or facilities management instituted the policy. Since they probably are delegated responsibility over building-access systems, they can do that. But the building inhabitants can also try to complain about the way their departments' buildings are being managed. If you were to ask more specifically, "does facilities management or CSAIL own the building?", the answer is sort-of neither, and sort-of both: it's owned by the corporate parent of both of them.
What if MIT were logging who went to the bathroom?
There's clearly no fundamental difference in securing a different part of the building. Does Mr Stallman (or perhaps an employee of the building if he's just a third party) not have a basis to criticize MITs tracking of bathroom habits because he (or they) don't own the building?
Because going to the bathroom is not directly productive, employees would see logging of bathroom usage as an attempt to improve productivity by encouraging people not to stick out as using the bathroom too often. That would be indicative of a larger cultural problem wherein management is trying to squeeze every last drop of productivity out of employees, generally by eliminating small pleasures like office social interaction and the ability to momentarily relax.
Indicating to MIT professors that they can't be trusted to use the bathroom responsibly is stupid because the consequences of "bathroom abuse" are very low - hell, who knows how many Nobel-prize-winning ideas were developed on the toilet. Further, they're not being paid to be present and take calls/help customers/make widgets. They're being paid to produce research findings. So even if they are spending all day in the bathrooms, as long as they're publishing, who cares?
Think about it like your house. I'll happily have keys made for extended family and close friends who are staying over. I know them, we will have an ongoing positive relationship, and I trust them. But what about the cleaning service? What about contractors? What about Airbnb guests? Given a checkbox, I'd definitely choose to log their entires. I probably wouldn't read the logs, but I'd feel better knowing they existed.
Before you say NSA, I'm collecting data on my house, not all the other houses on the block. I get to do that. There is no right to enter my house without letting met know about it.
I think you'd be surprised how many people never think about details like that in the commission of a crime. Also, stealing laptops and computer equipment are crimes of opportunity and rarely do people plan out extensively how they can get away with something like that before they do it.
Maybe the person before me took the laptop and I didn't notice? Or maybe the person before that? If a laptop is reported missing, there is no definite proof that the person who entered previous to the one who noticed that the laptop missing took it. Correlation does not equal causation.
It is absolutely the right of a private property owner to control and monitor access to its property.
Further, this data is actually useful: if something happens, you know who the last people to open the door were. Further, as a grantee of privileged access, you know that. You know you can't just say it must have been one of the 200 others with the common key. So it's more invisible prevention than measurable solving.
This lets administrators be more permissive about delegating access while simultaneously increasing security. For example, I work in a couple of the concert halls on campus. Students have always held keys to interior doors, but University policy was that students could not have unsupervised access to exterior doors, probably for insurance reasons.
This meant that if the boss wanted to leave the hall operational while not present, student staff would have to prop doors open. If the hall was locked, he'd have to drive all the way out to campus even if he didn't need to be there for the event. Now that we have an audit-trail-producing card reader system, administration is fine with granting students card access to exterior doors. We are both more efficient (because we don't waste supervisor time) and more secure (because students can lock doors and reopen them when necessary.)
In the past, when students have gone missing, their last contact was not with humans but with the access control system. It provided better "last known location" data that improved investigations. It can validate alibis (demonstrating that you were at a building across campus) and provide evidence in discipline proceedings (the alleged rapist says he wasn't there that night, but his ID swiped into the dorm a few seconds behind the alleged victim, etc.)
Access control logs introduce truth into otherwise ambiguous situations. It matters less what you think, who you like more, or what you want to be true because there is a record you can check. Whether it's "should we keep the library open later?" or "when exactly did this kid go missing?"
You also almost never have to interact with the access control system unless you hold privileged access as part of a job, research assignment, etc. Students who live off campus and don't study at the libraries can go months without pulling out their IDs. It's not like you need to swipe your card to walk down a public street. But when you are accessing university services, it seems only reasonable that the university gets to know that you're doing so.
This isn't a question of whether they should be allowed to log. This is a request to them to not log. By making it public, more people may back the request and the university can make a decision keeping in mind the opinions of students and scholars.
Again, because you seem to misunderstand this piece in many comments, this isn't about whether MIT can legally log. It's about whether they should. RMS is telling them they shouldn't not that they are legally constrained to not do so.
>Yeah, it is inconceivable that someone could ever steal or clone an ID card.
My school uses iCLASS smartcards. It's not a matter of cloning a serial number; you would need to break the RSA implementation or steal the school's private keys to produce a functioning duplicate.
If you steal a card from someone who lives in a dorm, they'll know as soon as they try to enter the dorm. The card you stole will be deactivated minutes later.
>"how do we keep constant tracking information from being abused in cases when the people being tracked are relatively honest?"
In cases of malevolent surveillance, there's usually a reason to oppose it. Insurance companies might charge extra to customers with higher risk profiles, like those who buy cigarettes and junk food. A right-wing government might try to disadvantage those who are gay, atheist, left-leaning, anti-war, etc. A left-leaning government might try to disadvantage Christian groups, people advocating conservative policy, etc. Any malevolent actor with access to surveillance data might blackmail people who are having affairs or end careers by sharing jokes in poor taste made among friends. Etc, etc.
How do you abuse door access data? What can MIT do with the fact that you entered a building at a certain time?
Those are a lot of hypotheticals. As RMS said in his article:
> Such claims must be put to the test. The NSA claimed that surveilling everyone in the US was vital for preventing terrorism. When it had to give details, it became clear that the supposed benefit did not exist.
And indeed, when RMS pressed the MIT police chief for actual evidence of the claimed benefits, he dodged the question.
No, it's asking them to prove a positive. CSAIL has been using the card system for 10 years now. If logging card access has all the pubic safety benefits that proponents claim it has, it should be possible to point to "criminals that have been caught, and/or property recovered." RMS asked the MIT police chief for this data, in aggregate (i.e. no personal details requested), and the MIT police chief dodged the question.
OK, how about comparing the rate of property crime in buildings using traditional, non-electronic locks, with buildings using electronic locks that track access?
The point here is that so far no evidence has been put forward to support all the hypothetical public safety benefits for which we're being asked to give up our privacy. That's troubling.
It is my privacy, and just because a private building owner can legally violate that privacy doesn't mean that they should or must[1], or that the users of that building shouldn't question the stated reasons that their privacy is being violated (particularly in the case of universities, which usually respect their community members' opinions more than a typical private organization).
[1] For this reason, your assertion that secretly entering a private building is a crime is not universally true.
Just because the owner has a legal right to keep tabs on people, and that doing so doesn't infringe on constitutionally protected rights, doesn't mean privacy isn't being violated or that (s)he is above criticism.
You do not get to enter a building that someone else owns while keeping that fact secret from the building owner. That's a crime.
Nobody is saying that it should be "kept a secret". Only that it shouldn't be on record, especially electronically. You know, like people do everywhere buildings have regular keys.
Another use for logging would be to account for people during emergencies. Firefighters, for instance, would probably find it useful to know that three people are apparently still in the building.
Employers can also demand you pee in a cup for them. Many employers consider that degrading to employees, and that making such demands of employees supports a counterproductive Drug War.
Employers can also paint the walls puke green and pipe in Muzak. They can hire the low bidder to make lunch out of pink slime. They can keep the offices at uncomfortable temperatures.
So, yes, they can also track you like tagged livestock. But they can also choose not to.
>Further, this data is actually useful: if something happens, you know who the last people to open the door were. Further, as a grantee of privileged access, you know that. You know you can't just say it must have been one of the 200 others with the common key. So it's more invisible prevention than measurable solving.
That's a big "if", though, and in the article, Stallman points out that MIT isn't able to actually show that it's a realistic reason to encourage this sort of surveillance.
I feel like there's a middle ground here -- for example, card readers could store a hash of an on-card identifier, one that the security staff do not have access to in normal student records. In exceptional circumstances, you could de-blind the logs and see if a single person was in the building at a given time or not, but there wouldn't be surveillance and the logs would be useless in the typical case.
A card swipe doesn't show that you're there, though. As a student I'd lend people my card all the time, as would most people I knew.
That defeats the purpose of "The place got trashed last night, who was it?"
However, a lot does depend on how the data is being used. My access pattern is very questionable. I swipe into my workplaces at weird times, sometimes to use the bathroom while coming back to the dorms from a party or something. I try my card on all kinds of doors just to see if they'll open. I've never been questioned about it.
I'm 99% certain that nobody is pulling the logs except in response to incidents.
It depends on the school. A university near me has people watching this data or some sort of anomaly detector running over it in real-time to try to catch parties in dorms. I think that's more than a little Orwellian.
Also yes, it eliminates the possibility of dragnet searching. This is by design. Dragnet searches go against the principles on which the United States was founded. If I am not personally suspected of a crime, my data must be sacrosanct or I have been demeaned as an individual. Innocent until proven guilty and unspied-upon until suspected personally.
Swiping into a building is the electronic equivalent of signing in on a clipboard held by a security guard. That is hardly spying, and it's definitely not "your data."
If a municipality were to do this with all the private residences under their jurisdiction, sure, that'd be Orwellian, because then it really is your data. In this case it's MIT's data about MIT's facility that happens to have been triggered by you.
Most uses of that kind of data are confidential and exactly the kind of thing you would expect campus police or IT to refuse to disclose any details about.
I would never trust campus police with that access data. Police officers are under-educated, often predjudiced, and operate under a shield of un-prosecutability that makes them rouge agents. Further, on college campuses, students frequently are employed within campus police/public safety in ways that would make it very easy for them to grab the data.
Were that system implemented (which it should never be, because I thought of it in 10 seconds for a hacker news comment and anything real would need to be much more thought out), the list of card IDs should exist only on paper, in a locked file cabinet, controlled by someone whose job it is specifically to safeguard the privacy of students. Maybe the existing roles that manage grade privacy.
IT is even worse. I'd hate for a creepy sysadmin intern I declined to go on a date with to know where I lived or if I was alone in an academic building at night.
