Preventing TAMI abuse by members or visitors

Following last member meeting, when a new member acceptance process was not approved, which understandably created frustration with the people who maintain the place, and see there work undone by others.
So the issue is not only with new members, but with existing ones.
In the past surveillance cameras were rejected because of privacy issues.

A compromise is to have the video encrypted (possibly at the source,) and require a quorum decision to allow decryption in case the need to find the culpable for breaking, stealing, or other serious forms of abuse of the space. I think @test said this was already implemented in one hackerspace (maybe c-base,) and we may learn from their experience, and use their work (assuming it is open-sourced.) There are cryptographic methods for Secret sharing designed for retrieving secrets made possible only by a quorum decision.

Your thoughts?

I always been pro camera. TAMI is a public place, so if privacy is your concern, you should not visit public spaces which have video surveillance (everywhere), walk on the street (police cameras, private dashcams, GoPro), or have a biometric passport, or you use a smartphone. At the airport the security also has face recognition. So if you don’t fly, don’t go to supermarket, walk on the street with facemask and use Nokia 3110 - yes, privacy argument is valid. Elseway stop waving it.

You are arguing that because there is no privacy anywhere else, we should not have it here. But that is begging the question: do we want privacy? I do want privacy for one.
Second, the fact that TAMI is public has nothing to do with capturing video footage. Again, this is the actual question, and saying TAMI is public does not answer it: do we want to capture footage? I prefer not to, but I am ok with the encryption scheme that Ronen suggests *.

  • I don’t know any quorum key software by heart, but I am sure it is doable - as an example ugly implementation, for every M out of M of us, assuming we all have private public key pair, we can generate another key (symmetric or pubpriv), and encrypt it by any of the M subsets of N of us, and store all of those somewhere, and encrypt the footage with the key. to have a key for a particular day we would use a key per day.
1 Like

While I don’t buy the ‘surveillance is everywhere so it doesn’t matter’ arguement (I’d love to go into detail on that, but over a beer rather than an inefficient medium such as email), I have been a proponent of the N of M secured video surveillance before, and have some (poor quality) proof of concept code for implementing it. I’ll try to get it cleaned up at least a bit, and up on GitHub this week. Open source license of done flavour, need to check the license of the error coding library I’m using to know which one.

If you are talking about Germany and the EU, generally speaking it is not always illegal for a company (e.g., a store) to install CCTV cameras, but there are many stringent guidelines, for example they need a valid reason (and reasoning) for the installation of such a system (explicit monitoring of employees is not considered a valid reason), specific and reasonable areas of installation, also all this must be communicated to everybody in advance. Also you need to demonstrate that you have a legitimate reason to process people’s personal data and that this outweighs their privacy rights. You need to have big warning signs including a contact number. Then there are strict regulations about making sure all information is secure, encrypted, access to it is restricted, securely erased within a legally mandated period (something like 1 month), the system needs to be registered with the proper authorities who make sure everything is OK, and so on.

As an example of someone who got in legal trouble for breaching data protection laws was a guy who was being attacked by some people, so he installed some cameras which filmed some public areas (the outside of his house). He captured video of some suspects breaking his windows, which he sent to the police. He was fined for breaching European data-protection regulations.

Anyway, this is all stuff for the lawyers (which anyone thinking about doing video surveillance needs to talk to first, especially since laws vary by country, even within the EU). However, if you consider, as you should, what is ethical, and also what is acceptable in the hacker community, it is pretty clear that you cannot film people who do not agree just because you may feel like it. There is also the matter that cameras do not prevent crime, but that is a separate issue.

Of course it is not theoretically impossible (note that you have to take into consideration physical security of these N machines (+ the machine attached to the camera) and other such side channels), but this is not really the central issue.

Please stop bringing international laws into this discussion. We do not live in Germany, UK, European Union or US. Your point is irrelevant. You’re not an employee, if you agree to be inside, you agree to be taped.

And let me understand what is your concern - you don’t want your privacy hampered while in TAMI? TAMI is an organization, it shouldn’t cater to private interests of people and their private concerns, the same way doesn’t care for safety standards for it’s members.
This is the most pointless argument: TAMI members infringing their OWN privacy to look at THEMSELVES. It’s not like some third party going to look at you having dinner with your GF. Nothing interesting there - people sawing, soldering, welding, machining… Pretty boring stuff to look at.

I said “laws vary by country”. If you do not know the local laws, then what are you arguing about?

Also, I see people posting above you who say they value their privacy and do not agree to be taped, and people also ask about this issue in person all the time, so you speak only for yourself. (Like everybody else here)

You have freedom to do what you like. In your private space. TAMI is not your private space, mr.Test.

fine. you are ok with Ronen’s scheme.

but I am not ok with it, sorry.

It’s your opinion, and you can hold onto it. I feel like there’s more value to a “concept” of privacy in TAMI, than to machinery, which costs money, and time of people who take care that things keep working, and that for me costs a helluva lot more than a “concept” of privacy you’re trying to promote, which is not real privacy in my opinion.

This is a very narrow minded view of privacy. Taken to its extreme, do you automatically consent to be strip searched every time you visit TAMI? Of course not.

TAMI is an organisation run by its members, and as such the members as a collective get to decide the privacy expectations within TAMI. I’ve certainly done things in TAMI I wouldn’t want streamed all over the internet, for example. That’s my personal choice, and knowing the only camera was the crazily obsfercated space cam influenced how comfortable I was spending time there.

You might be totally comfortable being watched by millions 24 / 7 - that doesn’t mean everybody is.

nice, we are humming

This is a huge gap you’re jumping, from security footage to something that even police needs your concent. (strip searches)
As a community, we decided several times that it is necessary to install a security camera, but a vocal minority in TAMI, which has paramount concerns about their privacy ruled this option out, every time it was proposed. Moreover, every new member is surprised by the lack of cameras in the hackerspace. So I hope that a majority will decide what to do on this case, not principle of a couple of people.

classic steve mann sketch

What if the conditions for decrypting the footage are defined, and the quorum need to agree that they have been met?

Also, I don’t think we should hold footage for more than a week.

You have to understand that there is a real problem of TAMI abuse we are trying to solve. @id3m has already stopped participating in the Guaranteed to be Open program in protest of not having a member acceptance procedure approved last TAMI member meeting.

TAMI need to attract enough people in order to be financially viable, more people means the balance between maintainers of the place and its equipment vs. the abusers of TAMI is disrupted. We already know that money was stolen from the donation box, equipment was stolen, or broken due to miss-use or abuse.

Do you have an alternative solution to the problem? I understand that even this weaken type of surveillance is evil, but it’s about choosing the lesser evil.

I’m not against cameras i’m just not sure it’s the right solution for the specific problems described.
Since TAMI attracts a lot of new visitors, i think that even if you have a footage of a theft or vandalism, you won’t have much to do with it as most chances are that no one know who that person is and the police probably won’t do anything.
So here’s a list of solutions I could think of:

  1. Regarding the donations box - use a more secured location and box.
  2. Regarding damaged equipment - maintaining a list of the equipment and usability status by dates.
  3. Member and visitor log so in case of damage we can tell who was present at TAMI when such damage has occurred (I think this point will also benefit us on a marketing perspective as it will enable us to get some data regarding visitors frequency).
  4. Theft of equipment - I assume at least part of the theft is actually the case of loaning equipment that users forget to return - maintain equipment loaning list (together with the equipment list mentioned above).
    I’m well aware of the overhead that these steps might take, I think they might be more effective than using surveillance cameras in case they will be installed.

This notion is concerning me. It is almost like the decision of the US court that corporations are people too (in the eyes of the law).
Let me be clear: TAMI is here for it’s members. I take quite the opposite view from your statement above: Things that happen in TAMI should be agreed upon by all of it’s members (consensus should be reached), either by avoiding a coordinated decision (i.e. doacracy), or in the extreme cases where that is not possible, by majority (i.e. by overrulling a bunch of otherwise awesome TAMI members).
Safety: of course we care about the safety. We ask that people be thought to use the dangerous equipment.

1 Like

Setting TAMI’s relationship with privacy aside, I agree with Ronen there is a real problem to solve here - by real I mean something which is hurting TAMI both financially and socially. As I see it ours is a social problem, and while instinct is to throw tech at our problems it seems to me that cameras will only introduce new technical problems without helping the core issue much.

I’d like to suggest the following ~simple change to how we welcome visitors to TAMI: introducing the TAMI-hack-master (THM) role, whomever opens the place basically. The THM should collect some form of deposit from visitors, ID, rav-kav, etc and place them in a member-unlockable clear box. Upon leaving, visitors collect their deposit after demonstrating that their workspace is not a complete mess, along the way perhaps let the THM know what they’ve been hacking on, and politely routed through the closest donation box or TAMI-like-button. The THM also makes sure first time visitors get a TAMI intro talk.

Ideally the THM shall dawn some visual marker to encourage anyone to approach him regarding anything - a feathery cap, a tiger tooth necklace or an inflatable apparatus of any kind. Need to leave? no problem, simply pass ‘it’ to another member. The downside is the additional headache & productivity hit the THM takes, but the upside is a getting better acquainted with TAMI users, and hopefully a decline in abuse cases. Implementing it will require use to rehash the TAMI member list, replace the front door lock, etc.

Adopting a THM role will obviously not prevent all possible abuse scenarios, and it does take us slightly away from a core idea upon which TAMI has stood on - the free-walk-in-out ideal, but I think it at least turns our problem into something which generates contact between members, which is a good thing.