News 

The digital rights campaigner Electronic Freedom Frontier (EFF) recently cracked a secret code embedded in pages printed on Xerox's high-end DocuColor laser printer, confirming the suspicion that technology companies were working alongside governments to track the way we use technology.

'We've found that the dots from at least one line of printers encode the date and time your document was printed, as well as the serial number of the printer,' said EFF technologist Seth David Schoen. 'So far, we've only broken the code for Xerox DocuColor printers, but we believe that other models from other manufacturers include the same personally identifiable information in their tracking dots.'
According to the EEF, the dots are printed on pages produced by virtually every major colour laser printer manufacturer, including HP and Canon.

The almost invisible marks are yellow, formed into a grid less than 1mm across, and are typically repeated on each page of a document.

Eric Zahren of the US Secret Service asserts: 'the technology is simply designed to make it more difficult to use computing equipment for illegally reproducing US currency,' and stresses that it doesn't track the use of a computer's hardware or software.

But this overlooks the obvious fact that print-outs record users' actions.

If a government agency, or anyone else with knowledge of the code, knows who printed a document, they most certainly know what a user has been doing with the software on their PC - it's there in black and white.

What concerns privacy lawyers is the underhand nature of the tracking technology, which has certainly not been publicised - to see the pattern, you need a blue light and a magnifying glass, or a microscope - and is not apparently covered by any sort of investigatory laws.

'There seems to be no assurance that governments will only use the information for tracing counterfeit money,' said a spokesperson for the Centre for Democracy and Technology. 'Consumers haven't been told this technology exists in machines they are buying. At the very least there should be a notice to consumers.'

Of course, governments have a responsibility to curb counterfeiting, but civil liberties campaigners say this embedded coding

ADVERTISEMENT

removes anonymity from people who might have a legitimate reason for concealing their identity.

'Underground democracy movements that produce political or religious pamphlets and flyers, like the Russian Samizdat of the 1980s, will always need the anonymity of simple paper documents, but this technology makes it easier for governments to find dissenters,' said EFF lawyer Lee Tien.

'Even worse, it shows how the government and private industry make back-room deals to weaken our privacy by compromising everyday equipment such as printers. The logical next question is: what other deals have been or are being made to ensure that our technology rats on us?'

And if these codes are known outside the government departments they were designed for, they could be very useful to corporate snoopers too.

'I'd love to have been able to find out who printed some documents, especially when they were released to the press,' one former chief executive told PC Pro. 'I wouldn't be surprised if this news boosted sales for Xerox.

'People are taking data security more seriously, tracking emails and monitoring Net use, but it's very difficult to keep an eye on who's printing out what. Some companies use swipe cards to keep track of printer use, but that's with the employee's knowledge, so anyone with an axe to grind would know not to use the printer.'

The underlying technology is more than 20 years old and was initially implemented because companies risked being banned from selling colour printers in some countries, where banking officials feared the machines would be used for counterfeiting.

The dot-recognition process was designed for large corporate machines and isn't used - as far as anyone knows - in home printers, although as prices tumble, high-end lasers are certain to play an increasing role in the home office.

For the home printer market, anti-counterfeiting officials rely on more open methods that restrict what certain software will reproduce. The Central Bank Counterfeit Deterrence Group and its global partners have pushed a counterfeit deterrence system (CDS).

'The CDS has been voluntarily adopted by several hardware and software manufacturers, and prevents personal computers and digital imaging tools from capturing or reproducing the image of a protected banknote,' the group says.

Adobe is one firm that has signed up to this technology. 'Photoshop includes a CDS that prevents it from being used to illegally duplicate banknotes,' the company says. 'As implemented, CDS prevents users from opening detailed images of banknotes within Photoshop.'

The irony of all this, of course, is that by now any forger worth his salt will know which printers and software packages employ snooping technology, so the latest Big Brotherism is only likely to snare whistle-blowers, industrial spies and archivists.