Is Your Printer Spying On You?
Imagine that every time you printed a document, it automatically included a secret code that could be used to identify the printer – and potentially, the person who used it. Sounds like something from an episode of “Alias,” right?
Unfortunately, the scenario isn’t fictional. In a purported effort to identify counterfeiters, the US government has succeeded in persuading some color laser printer manufacturers to encode each page with identifying information. That means that without your knowledge or consent, an act you assume is private could become public. A communication tool you’re using in everyday life could become a tool for government surveillance. And what’s worse, there are no laws to prevent abuse.
The ACLU recently issued a report revealing that the FBI has amassed more than 1,100 pages of documents on the organization since 2001, as well as documents concerning other non-violent groups, including Greenpeace and United for Peace and Justice. In the current political climate, it’s not hard to imagine the government using the ability to determine who may have printed what document for purposes other than identifying counterfeiters.
With no laws on the books, there’s nothing to stop the privacy violations this technology enables. For this reason, EFF is gathering information about what printers are revealing and how – a necessary precursor to any legal challenge or new legislation to protect your privacy. And we could use your help.
In the preliminary research paper linked below, we explain what we’ve observed so far, briefly explore the privacy implications, and ask you to print and send us test sheets from your color laser printer and/or a color laser printer at your local print shop. That way, we can watch the watchers and ensure that your privacy isn’t compromised in ways that harm your fundamental consitutional rights.
In addition to documenting what printers are revealing, EFF has filed a Freedom of Information Act (FOIA) request, and we will keep you updated on what we discover. In the meantime, we urge you to participate and pass the word along about this research project. Thank you for your support! 23rd, 2009
Tiny Dots Show Where and When You Made Your Print
San Francisco – A research team led by the Electronic Frontier Foundation (EFF) recently broke the code behind tiny tracking dots that some color laser printers secretly hide in every document.
The U.S. Secret Service admitted that the tracking information is part of a deal struck with selected color laser printer manufacturers, ostensibly to identify counterfeiters. However, the nature of the private information encoded in each document was not previously known.
“We’ve found that the dots from at least one line of printers encode the date and time your document was printed, as well as the serial number of the printer,” said EFF Staff Technologist Seth David Schoen.
You can see the dots on color prints from machines made by Xerox, Canon, and other manufacturers (for a list of the printers we investigated so far, see: http://www.eff.org/Privacy/printers/list.php). The dots are yellow, less than one millimeter in diameter, and are typically repeated over each page of a document. In order to see the pattern, you need a blue light, a magnifying glass, or a microscope (for instructions on how to see the dots, see: http://www.eff.org/Privacy/printers/docucolor/).
EFF and its partners began its project to break the printer code with the Xerox DocuColor line. Researchers Schoen, EFF intern Robert Lee, and volunteers Patrick Murphy and Joel Alwen compared dots from test pages sent in by EFF supporters, noting similarities and differences in their arrangement, and then found a simple way to read the pattern.
“So far, we’ve only broken the code for Xerox DocuColor printers,” said Schoen. “But we believe that other models from other manufacturers include the same personally identifiable information in their tracking dots.”
You can decode your own Xerox DocuColor prints using EFF’s automated program at http://www.eff.org/Privacy/printers/docucolor/index.php#program.
Xerox previously admitted that it provided these tracking dots to the government, but indicated that only the Secret Service had the ability to read the code. The Secret Service maintains that it only uses the information for criminal counterfeit investigations. However, there are no laws to prevent the government from abusing this information.
“Underground democracy movements that produce political or religious pamphlets and flyers, like the Russian samizdat of the 1980s, will always need the anonymity of simple paper documents, but this technology makes it easier for governments to find dissenters,” said EFF Senior Staff Attorney Lee Tien. “Even worse, it shows how the government and private industry make backroom deals to weaken our privacy by compromising everyday equipment like printers. The logical next question is: what other deals have been or are being made to ensure that our technology rats on us?”
EFF is still working on cracking the codes from other printers and we need the public’s help. Find out how you can make your own test pages to be included in our research at http://www.eff.org/Privacy/printers/wp.php#testsheets.
Which Printers have the dots?
Deeplink by Seth Schoen
In a recent review of the HP Color LaserJET CM3530 printer, the magazine Government Computer News called out the use of tracking codes — which GCN referred to as “a secret spy program” — as the biggest problem with that printer. GCN found that the yellow dots produced by this printer particularly degraded print quality and noted that some people would question the “logic or appropriateness” of having printers produce the dots at all; it concluded that even people who didn’t object to the tracking codes in principle would regret the poor print quality they produced in this case.
The review also credited EFF for discovering and exposing this issue. (In fact, we first learned about it through other journalists’ reports and discussions by privacy activists like Lauren Weinstein — but we were the first to publish how some of the tracking systems work, and we’ve worked to bring this issue to the public’s attention and figure out how the government persuaded printer companies to cooperate.)
MIT researcher Benjamin Mako Hill, who’s collaborated with us to produce the Seeing Yellow campaign, described product behaviors like the printer tracking dots as “antifeatures” in a 2007 article. Hill says “[a]n antifeature [...] is functionality that a technology developer [would] charge users to not include [where i]t is more difficult for [manufacturers] to limit [a product] than it is to leave them unconstrained, and the limit is not something that any user would request”. He also notes that “[s]ometimes, as in the case with many DRM systems, users cannot pay to turn their antifeatures off at all!” That’s true here as well: printer manufacturers haven’t reacted to users’ requests to disable tracking functions.
Sometimes a particular antifeature is ubiquitous within an industry. Documents we’ve begun to receive in response to our FOIA requests suggest that the government may have convinced all printer manufacturers to put some kind of tracking mechanism in every color laser printer. Major music labels used to insist on DRM for virtually all music sold on-line (though not for precisely the same music sold on CD). When an antifeature is extremely widespread, it can start to appear normal, and it can even be surprising when product reviewers characterize it as a problem. If everybody in an industry is doing something, it may seem at best redundant to complain about specific instances of the problem.
But comprehensive product reviews and consumer advocacy by journalists are essential parts of the competitive process. Accepting antifeatures as normal merely because they are widespread guarantees that they will remain widespread, and when product reviewers assume that consumers are powerless to influence industry behavior, they ensure that consumers will remain powerless. Building consumer awareness of product design decisions starts with discussing these decisions in the context of individual products — as the late technology journalist and consumer advocate Ed Foster often did in criticizing DRM antifeatures in his GripeLog. Surely the willingness of people like Ed Foster to insist that consumers can and should complain about these misfeatures has been an important factor in the music industry’s long-awaited move away from them. And they help spread the message that competitors can differentiate themselves in an antifeature-prone industry by doing the right thing for consumers.
So thanks to GCN for recognizing — and highlighting to people who might otherwise not have pondered — that the printer dots are a problem worth talking about. Here’s hoping other reviewers will do the same.