“Don’t spy on a privacy lab” (and other career advice for university provosts)

mostlysignssomeportents:

image

This is a wild and hopeful story: grad students at Northeastern successfully pushed back against invasive digital surveillance in their workplace, through solidarity, fearlessness, and the bright light of publicity. It’s a tale of hand-to-hand, victorious combat with the “shitty technology adoption curve.”

What’s the “shitty tech adoption curve?” It’s the process by which oppressive technologies are normalized and spread. If you want to do something awful with tech — say, spy on people with a camera 24/7 — you need to start with the people who have the least social capital, the people whose objections are easily silenced or overridden.

That’s why all our worst technologies are first imposed on refugees -> prisoners -> kids -> mental patients -> poor people, etc. Then, these technologies climb the privilege gradient: blue collar workers -> white collar workers -> everyone. Following this pathway lets shitty tech peddlers knock the rough edges off their wares, inuring us all to their shock and offense.

https://pluralistic.net/2022/08/21/great-taylors-ghost/#solidarity-or-bust

20 years ago, if you ate dinner under the unblinking eye of a CCTV, it was because you were housed in a supermax prison. Today, it’s because you were unwise enough to pay hundreds or thousands of dollars for “home automation” from Google, Apple, Amazon or another “luxury surveillance” vendor.

Northeastern’s Interdisciplinary Science and Engineering Complex (ISEC) is home to the “Cybersecurity and Privacy Institute,” where grad students study the harms of surveillance and the means by which they may be reversed. If there’s one group of people who are prepared to stand athwart the shitty tech adoption curve, it is the CPI grad students.

Which makes it genuinely baffling that Northeastern Senior Vice Provost for Research David Luzzi decided to install under-desk heat sensors throughout ISEC, overnight, without notice or consultation. Luzzi signed the paperwork that brought the privacy institute into being.

Students throughout ISEC were alarmed by this move, but especially students on the sixth floor, home to the Privacy Institute. When they demanded an explanation, they were told that the university was conducting a study on “desk usage.” This rang hollow: students at the Privacy Institute have assigned desks, and they badge into each room when they enter it.

As Privacy Institute PhD candidate Max von Hippel wrote, “Reader, we have assigned desks, and we use a key-card to get into the room, so, they already know how and when we use our desks.”

https://twitter.com/maxvonhippel/status/1578048837746204672

So why was the university suddenly so interested in gathering fine-grained data on desk usage? I asked von Hippel and he told me: “They are proposing that grad students share desks, taking turns with a scheduling web-app, so administrators can take over some of the space currently used by grad students. Because as you know, research always works best when you have to schedule your thinking time.”

That’s von Hippel’s theory, and I’m going to go with it, because Luzzi didn’t offer a better one in the flurry of memos and “listening sessions” that took place after the ISEC students arrived at work one morning to discover sensors under their desks.

This is documented in often hilarious detail in von Hippel’s thread on the scandal, in which the university administrators commit a series of unforced errors and the grad students run circles around them, in a comedy of errors straight out of “Animal House.”

https://twitter.com/maxvonhippel/status/1578048652215431168

After the sensors were discovered, the students wrote to the administrators demanding their removal, on the grounds that there was no scientific purpose for them, that they intimidated students, that they were unnecessary, and that the university had failed to follow its own rules and ask the Institutional Review Board (IRB) to review the move as a human-subjects experiment.

The letter was delivered to Luzzi, who offered “an impromptu listening session” in which he alienated students by saying that if they trusted the university to “give” them a degree, they should trust it to surveil them. The students bristled at this characterization, noting that students deliver research (and grant money) to “make it tick.”

image

[Image ID: Sensors arrayed around a kitchen table at ISEC]

The students, believing Luzzi was not taking them seriously, unilaterally removed all the sensors, and stuck them to their kitchen table, annotating and decorating them with Sharpie. This prompted a second, scheduled “listening session” with Luzzi, but this session, while open to all students, was only announced to their professors (“Beware of the leopard”).

The students got wind of this, printed up fliers and made sure everyone knew about it. The meeting was packed. Luzzi explained to students that he didn’t need IRB approval for his sensors because they weren’t “monitoring people.” A student countered, what was being monitored, “if not people?” Luzzi replied that he was monitoring “heat sources.”

https://github.com/maxvonhippel/isec-sensors-scandal/blob/main/Oct_6_2022_Luzzi_town_hall.pdf

Remember, these are grad students. They asked the obvious question: which heat sources are under desks, if not humans (von Hippel: “rats or kangaroos?”). Luzzi fumbled for a while (“a service animal or something”) before admitting, “I guess, yeah, it’s a human.”

Having yielded the point, Luzzi pivoted, insisting that there was no privacy interest in the data, because “no individual data goes back to the server.” But these aren’t just grad students — they’re grad students who specialize in digital privacy. Few people on earth are better equipped to understand re-identification and de-aggregation attacks.

image

[Image ID: A window with a phrase written in marker, ‘We are not doing science here’ -Luzzi.]

A student told Luzzi, “This doesn’t matter. You are monitoring us, and collecting data for science.” Luzzi shot back, “we are not doing science here.” This ill-considered remark turned into an on-campus meme. I’m sure it was just blurted in the heat of the moment, but wow, was that the wrong thing to tell a bunch of angry scientists.

From the transcript, it’s clear that this is where Luzzi lost the crowd. He accused the students of “feeling emotion” and explaining that the data would be used for “different kinds of research. We want to see how students move around the lab.”

Now, as it happens, ISEC has an IoT lab where they take these kinds of measurements. When they do those experiments, students are required to go through IRB, get informed consent, all the stuff that Luzzi had bypassed. When this is pointed out, Luzzi says that they had been given an IRB waiver by the university’s Human Research Protection Program (HRPP).

Now a prof gets in on the action, asking, pointedly: “Is the only reason it doesn’t fall under IRB is that the data will not be published?” A student followed up by asking how the university could justify blowing $50,000 on surveillance gear when that money would have paid for a whole grad student stipend with money left over.

Luzzi’s answers veer into the surreal here. He points out that if he had to hire someone to monitor the students’ use of their desks, it would cost more than $50k, implying that the bill for the sensors represents a cost-savings. A student replies with the obvious rejoinder — just don’t monitor desk usage, then.

Finally, Luzzi started to hint at the underlying rationale for the sensors, discussing the cost of the facility to the university and dangling the possibility of improving utilization of “research assets.” A student replies, “If you want to understand how research is done, don’t piss off everyone in this building.”

Now that they have at least a vague explanation for what research question Luzzi is trying to answer, the students tear into his study design, explaining why he won’t learn what he’s hoping to learn. It’s really quite a good experimental design critique — these are good students! Within a few volleys, they’re pointing out how these sensors could be used to stalk researchers and put them in physical danger.

Luzzi turns the session over to an outside expert via a buggy Zoom connection that didn’t work. Finally, a student asks whether it’s possible that this meeting could lead to them having a desk without a sensor under it. Luzzi points out that their desk currently doesn’t have a sensor (remember, the students ripped them out). The student says, “I assume you’ll put one back.”

image

[Image ID: A ‘public art piece’ in the ISEC lobby — a table covered in sensors spelling out ‘NO!,’ surrounded by Sharpie annotations decrying the program.]


They run out of time and the meeting breaks up. Following this, the students arrange the sensors into a “public art piece” in the lobby — a table covered in sensors spelling out “NO!,” surrounded by Sharpie annotations decrying the program.

Meanwhile, students are still furious. It’s not just that the sensors are invasive, nor that they are scientifically incoherent, nor that they cost more than a year’s salary — they also emit lots of RF noise that interferes with the students’ own research. The discussion spills onto Reddit:

https://www.reddit.com/r/NEU/comments/xx7d7p/northeastern_graduate_students_privacy_is_being/

Yesterday, Luzzi capitulated, circulating a memo saying they would pull “all the desk occupancy sensors from the building,” due to “concerns voiced by a population of graduate students.”

https://twitter.com/maxvonhippel/status/1578101964960776192

The shitty technology adoption curve is relentless, but you can’t skip a step! Jumping straight to grad students (in a privacy lab) without first normalizing them by sticking them on the desks of poor kids in underfunded schools (perhaps after first laying off a computer science teacher to free up the budget!) was a huge tactical error.

A more tactically sound version of this is currently unfolding at CMU Computer Science, where grad students have found their offices bugged with sensors that detect movement and collect sound:

https://twitter.com/davidthewid/status/1387909329710366721

The CMU administration has wisely blamed the presence of these devices on the need to discipline low-waged cleaning staff by checking whether they’re really vacuuming the offices.

https://twitter.com/davidthewid/status/1387426812972646403

While it’s easier to put cleaners under digital surveillance than computer scientists, trying to do both at once is definitely a boss-level challenge. You might run into a scholar like David Gray Widder, who, observing that “this seems like algorithmic management of lowly paid employees to me,” unplugged the sensor in his office.

https://twitter.com/davidthewid/status/1387909329710366721

This is the kind of full-stack Luddism this present moment needs. These researchers aren’t opposed to sensors — they’re challenging the social relations of sensors, who gets sensed and who does the sensing.

https://locusmag.com/2022/01/cory-doctorow-science-fiction-is-a-luddite-literature/


[Image ID: A flier inviting ISEC grad students to attend an unadvertised ‘listening session’ with vice-provost David Luzzi. It is surmounted with a sensor that has been removed from beneath a desk and annotated in Sharpie to read: ‘If found by David Luzzi suck it.’]