Slashdot Mirror

← Back to Stories (view on slashdot.org)

Smartcards to Track London Commuters

Posted by michael on from the skip-the-orwell-references-please dept.

misterpies writes "Technophiles across London have been excited about the recent introduction of Oyster smartcards on public transport to replace old-fashioned paper tickets. Their enthusiasm might cool off now that London Transport has admitted that not only can the card be used to track your journey across London -- they're actually going to keep the data for 'a number of years'. Add that to their congestion charge cameras used for tracking car movements and pretty soon you'll have to stick to walking if you don't want your movements tracked. Until they implement those facial recognition systems that were such a great success in Tampa, Florida."

19 of 347 comments (clear)

  1. You're tracked in London. Period. by vinsci · · Score: 4, Informative
    London has the worlds highest concentration of monitoring video cameras. The average Londoner is caught on video tape three hundred (300) times a day.

    See also Central London webcams go dark for anti-war demo at The Register.

    --

    Trusted Computing FAQ | Free Dawit Isaak!
  2. Degauss for Privacy by Bonker · · Score: 4, Informative

    http://www.degaussers.net/degausserVS250.htm

    In some cases, the data is not kept on the card, but more and more I run into places that want to 'swipe' various cards to input data into their systems. This is starting to become very notable in Texas, where everyone and their brother wants to swipe your TXDL while you're paying.

    Degaussing my driver's license and ruining the track 1 and 2 data stored on it means that the various POS terminals that want to scan it go balls up. The manager comes over and almost invariably says 'Hmmm... Treat this like a cash payment.'

    It's not perfect, but it's a step in the right direction.

    Is inconvenience worth your privacy? It is for me.

    --
    The next Slashdot story will be ready soon, but subscribers can beat the rush and slashdot the links early!
    1. Re:Degauss for Privacy by iainl · · Score: 2, Informative

      Why in God's name would you do this to an Oyster card? They wouldn't work then.

      --
      "I Know You Are But What Am I?"
    2. Re:Degauss for Privacy by 200_success · · Score: 3, Informative

      Degaussing the magnetic strip on your driver's license might be considered mutilation, and might be illegal. Besides, a store clerk who gets your license with a damaged magnetic stripe might just decide to hand-copy the information on it, which doesn't help your privacy. What you want to do is to refuse to hand over your license in the first place.

      The contracts that the merchants have with Visa, MasterCard, and American Express prohibit them from requiring your ID to charge one of their cards. Furthermore, in some states it is illegal to ask for personal information when taking a credit card. (Texas is not among them.)

      The link has a number of other interesting facts:

      • Visa and MasterCard don't allow their merchants to specify minimum charges or surcharges for using their cards.
      • If a merchant doesn't comply with the above rules, you can report them to your credit card company.
      • Some states (Texas not among them) forbid merchants to write your credit card number on a check.
  3. Actually has some benefits too... by JayJayEm · · Score: 2, Informative
    While I can see there are privacy implications with the storing of this data (especially with name/address data stored for billing purposes), it seems to me there are also fairly large advantages in using such a system, both to the operators and passengers.

    Firstly, readers should remember that Transport for London, who currently operate the tube network are a publically run company whose sole aim is to provide cheap and efficient travel for Londoners and visitors. Even if the Tube did move to a public-private-partnership type set up, I doubt individual operators would have serious access to this data.

    It seems to me that decent statistics on the routes that people take through the network could provide a gold mine of information for transport planners to further improve transport in London.

    A secondary benefit is that it also ensures that London buses can slowly move towards being cashless (when prepay cards are introduced later this year), which helps prevent petty theft and assaults on bus drivers. Furthermore, bus drivers need waste less time at stops counting cash and giving change.

    I would say that I'd rather have less theft from buses and a better planned transport network than an ability (which using prepay you'll still have anyway) to travel on a season ticket anonymously and (more, not fully) untraceably. Yes there are privacy implications, but I'm more than happy to put up with them for the possible benefits.

  4. What's new? by Larsing · · Score: 4, Informative

    And how is this any different from the ordinary magnetic strip paper cards which has been in use for years on the Tube?
    They, incidentally, also have a unique ID number linked to the registered owner's name, which is recorded together with the location and time of the exchange every time the card is used...

    --
    Ethics is what you say you do. Morals is what you actually do.
    1. Re:What's new? by mikeplokta · · Score: 2, Informative

      The machines that scan the mag-strip cards do not record the timestamp, location and card number in a central database. The Oystercard machines do.

  5. Re:I will now nitpick by Anonymous Coward · · Score: 1, Informative

    Are the smart cards actually personalized? Do they know that Phil McBucktooth went from picadilly circus to the moors of wankershire on Oct 12th, or do they just know where card #5479013-31235234 is?

    Well, you have to "personalise" the card, so I guess it will be about as hard as

    select j.*
    from journeys j, customers cu, cards ca
    where ca.customer = cu.id
    and j.card = ca.id
    and cu.name = 'Phil McBucktooth'
    and j.date = '12/10/03'

    which is not exactly rocket science.
    Basically, they've got all the information they need, there's no way they're not going to use it if it's legal or no-one will know.

  6. But.... by tarquin_fim_bim · · Score: 3, Informative

    "Until they implement those facial recognition systems"

    ...they already have in London Borough of Newham.

  7. Re:Paying for privacy... by revtom · · Score: 2, Informative

    We have this in Chicago already.

    http://www.chicagotransitauthority.com/

    --
    -- We live in a kakistocracy.
  8. Re:Indeed you are... by ichimunki · · Score: 3, Informative

    Thank you for the voice of sanity in this discussion. It's been my position for some time that the best way to prevent abuse of this type of data is not to try and abolish it altogether, but to put some public accountability into the system (i.e. being able to audit the records they hold on me). After all, understanding trip patterns or customer behaviors or whatever is highly valuable information for those providing services of this type. This allows them (hopefully) to model various situations and to attempt to improve service. What I'd be curious to hear is how well people have found the system to work in London for requesting this stuff. Is there any evidence of governmental misuse of the data?

    --
    I do not have a signature
  9. Re:What's the problem? by 91degrees · · Score: 2, Informative

    Because I don't like being tracked. I find it offensive.

  10. Re:This is hardly new by mikeplokta · · Score: 2, Informative

    You may have no doubt, but you're wrong. The magnetic card readers allow access but do not record any identifiable information about card usage.

  11. Re:Indeed you are... by kiwi_james · · Score: 4, Informative

    request from London Transport a copy of all information they hold on their computer systems about you and your travel movements

    Or you could just do it yourself at a ticket machine.

    Walk up to any of the touchscreen ticket machines and swipe your Oystercard near the big yellow card reader thingee.

    Up pop a couple of options mainly to do with renewing your card - however there is one to view your usage history. I was quite interested when I saw it - as I wondered how much they tracked - so I swiped the card and got a nice list of all my trips over the last week - bus, train and tube - all with dates/times.

    At least if they're logging it you can actually see for yourself what they're logging without a big effort.

    Does anyone know if this trip information is stored on the Oyster Card itself, a server, or both?

  12. Re:Paying for privacy... by Becquerel · · Score: 2, Informative

    The population of London is just over 7 million at last estimate. But the conclusions still hold.

    --
    My spelling isn't bad, I'm evolving the language
  13. We've had this problem for a long time by Inode+Jones · · Score: 2, Informative

    Back in 1994, the Toronto Transit Commission (TTC) introduced annual transit passes. These were credit-card sized, with a magnetic strip to operate the turnstiles and your picture on the card for boarding buses and streetcars. You needed to provide your address when getting the pass in the first place.

    No smart cards or RFID needed - presumably each pass had a unique magnetic code, which the TTC can correlate with your photo and address at the time the pass is issued. I don't know if the turnstiles logged the use of the magnetic cards for any extended period of time. They do enforce the rule that the same card cannot operate the turnstiles at a station within a 5-minute time span, to avoid obvious sharing.

    This type of tracking was possible only with the single-card pass. Monthly pass users have a separate magnetic card and photo-ID, which are not correlated. You buy a new magnetic card each month, write your photo-ID number on it and away you go, so the mapping between magnetics and person changes each month.

    The TTC also had a monthly subscription system where you could give them a credit card number and they mail you a magnetic pass each month. Same problems.

    I thought I had a comp.risks submission about this, but I can't find it in the archives.

  14. NYC Metrocard and 2600 by Douglas+Simmons · · Score: 2, Informative

    When this happened in NYC several years ago, techno-alarmists would get to retain their privacy while taking advantage of the Metrocard convenience by swapping Metrocards with fellow hackers at weekly 2600 meetings at the Citicorp building. Perhaps something similar will start with our paranoid London counterparts and their 2600-equivilant meetings.

    By the way, NYC has completely phased out tokens. In doing so, they are also phasing out mass-transit employees with sizable layoffs. And they upped the fare from $1.50 to $2. They save money with the more effecient machines and the fare hike, but at the same time thirst for more dollars by laying off lots of good people whom I prefer to deal with over computers. Bastards.

  15. Data Protection Act by t_allardyce · · Score: 2, Informative

    You can search the data protection register to see what sort of information organisations keep, "Transport for London" gives you a pretty long list but i cant find anything that says they would store the journey?

    --
    This comment does not represent the views or opinions of the user.
  16. Re:Paying for privacy... -- EZ Pass by peteo · · Score: 2, Informative

    They already do this in singapore. But they give you the ticket right when you get off the turnpike! DOH!