Tag Archives: Privacy
Owning your data
Yesterday Facebook and the FTC came to an agreement on privacy settings. This will require Facebook to undergo privacy audits twice a year by a third party firm. In Europe Facebook users are already able to download their data as I mentioned in a previous post. I think we’re living in an age where users will need to be well educated on the impact of the privacy policies of websites on the users personal data. However, how can we do this? I personally never look at the privacy policy on a website. Why? Because I don’t really trust them. Effectively, just by going to the website I agree to these policies and effectively whatever is stated in the privacy information I’m bound to. However, I have to go to the website before I can read it, thus creating a catch-22.
If I did disagree with something written in the privacy policy, I’ve already agreed to accept their terms and if they said “we’re going to steal all your cookies and sell them for profit” and I object to that it’s too late. They already did it.
This puts us users in a bind. We enjoy the benefits of cookies. We don’t have to always remember our passwords, we automatically get logged into our favorite websites. Personal settings pop up as soon as we log in. There are plenty of benefits from using cookies. We lose all of these as soon as we use services like Incognito from Google Chrome. Some of my readers have commented that they have switched to using an Incognito window, but it’s much more of a pain to log into Facebook and they have actually started using the service less. In terms of Facebook to compensate I use TweetDeck which pulls my news feed from both twitter and Facebook. However, it doesn’t get everything including messages from friends, which is annoying, but not the end of the world.
To deal with these privacy issues, the EU is proposing a pan-European standard for privacy policies that a website has to get approved. Companies like Facebook are actively fighting against this rule. I think that this is a great step. I know a lot of people don’t like new government regulations. However, in this case the public is woefully uninformed and find getting informed on these topics cumbersome. A lot of money is being made off of people’s ignorance. Now, many people would say that’s their fault for not properly investigating this topic.
There are a few resources out there to help with getting a better understanding of how to protect yourself. The EFF has an entire section of their website devoted to privacy issues. The ACLU has a Technology and Liberty section which includes topics like privacy.
So why should we care about this? If you aren’t doing anything wrong you don’t have anything to worry about. I’m sorry, but this is a really naive way of looking at privacy issues. Some of you readers out there have fences in your back yard. Many of them are called privacy fences, if you aren’t doing anything wrong why do you have a fence? Others will have a safe to store valuables and important documents, why do you need a safe, if you aren’t doing anything wrong you shouldn’t need a safe.
Putting this into a physical context highlights the absurdity of the not doing anything wrong argument. It also highlights the differences between privacy in the physical world and in the digital world. It’s really easy to understand how to increase your privacy at home build a fence, better curtains better locks, bars on your windows etc.. Fixing privacy on your computer is much more difficult. Security experts have tried to make things as simple as possible by using names like Virus scanner, Firewall etc. Most people don’t really know how to use these properly.
Adding a Firewall to your computer can make using it difficult and clunky. Services that you use frequently suddenly stop working correctly and it’s not always obvious why at first. There needs to be a movement within security companies to make everything as simple as possible for the broader population. There should be advanced settings for the people who really want to control their data. Basically we need the firewall to turn into a fence for most people but with settings to turn it into the Berlin Wall if an advanced user wants it.
All users need to understand the risks, just like they need to understand risks of burglary, they shouldn’t need to be a security expert though.
Other potential resources (I have no idea if they are any good, I just searched for privacy resources)
http://www.privacyresources.org/
http://epic.org/privacy/privacy_resources_faq.html
https://www.privacyinternational.org/article/ephr-privacy-resources
Feds need warrant to get phone data
In a victory for cell phone users everywhere, A court says that the feds need a warrant to request phone data which includes location. We should be celebrating this victory even though it isn’t a total victory. This case will most likely go to the US Supreme Court. The Federal government is not going to give up on this easily. Especially since there have been other rulings that have ruled in favor of warrantless mobile phone tracking. So it’s still unclear what the end result of all of this will be.
Additionally, this may also have implications for some of the other tracking that the government is doing. Apparently, the governments don’t need a warrant to install GPS tracking devices onto cars. Which the police argue saves tax payers money. It raises serious privacy concerns though. What is the limit to the number of people the police can track at a time? Can they simply track anyone closely related to a crime even if they have nothing to do with any sort of crime? With polices officers required to track individuals this puts an obvious limit on the number of people the police and other law enforcement agencies can track. They are limited to the usefulness of the tracking and the number of officers they have available to track. With the GPS tracking they have the ability to simultaneously, continuously track any individual associated with a crime or a suspect of a case. This gives them a huge amount of data on people that may not have done anything illegal and shouldn’t be tracked in the first place.
With this data agencies are able to construct a network of frequent activities for the prime suspect and any other people they consider interesting. If these suspects go to a known drug hide out it can implement additional people in a crime that wouldn’t have been obvious without the tracking. It could allow for an increased ability to crack down on crime. However, it can also send up a great deal of false positives and implement innocents.
Should we be concerned with this type of tracking? Definitely. The purpose of requiring a warrant, in a historical context, is to prevent the government for arbitrarily searching the house of a person. I find the ability to be remotely tracked terrifying. Just because I don’t have any thing to worry about doesn’t mean I’d want the government to have the ability to track me on a whim. I feel it’s important for there to be a check on the law enforcement. I think it’s clear from the UC Davis pepper spray incident that there’s a sense of unlimited power within many of our police forces. Warrantless tracking through cell phones or vehicles are incredibly similar.
The job of the court and our constitution is to protect the people from the excesses of the government through the actions of law enforcement. We need to work with our legislation to push for laws to address these issues if the courts don’t make the action in the manner to protect the fourth amendment and our privacy.
Ubiquitous free high speed wireless
One of the people I follow on twitter posed an interesting question. What would happen if there was free broadband wireless all over Europe. I sent them my 140 character answer but felt really unsatisfied by that. I’m going to devote some blog space to it over the next few days because I think that there would be a lot of changes. I’m going to break this into a few section. I haven’t worked out all of them but there will be government, business, computing and social changes. This structure loosely follows some of the structure within Lawrence Lessig’s Code 2.0. He also argued there were four structures that impact community building on the internet. It is written in the US context, but can be applied in other countries.
I’m going to start with Governmental changes.
One of the first things that will happen will be further encroachments on the ability for users to be anonymous and use pseudonyms online. Initially the requirement to login will be used to track which areas have the highest user rates and things like that, but this could be an incredibly powerful tool to prevent copyright abuse from users of the network. IP addresses would go out the window as an enforcement tool of nearly any online abuses. For instance, the safest place to download a movie from the internet would be on the train. You’d be changing IP addresses frequently and it would be very difficult to track a single user from one IP address to the next.
To deal with these problems there would have to be strict oversight to protect users of the network from invasions of privacy from the government and third party users of the network. Currently, the US government has a significantly heavy hand in collecting data from ISPs, Cloud data and social networking data. This includes both European and US data. This would need to be prevented.
Paying for and managing this network would need to be determined as well. One route could be to put a tax on advertisements that are displayed in a IP address range. Since IPs are distributed through regions this would be technically possible. Google just announced they made $9.7 Billion and nearly all of that is from ads (99% was from ad revenue in 2008). Putting a modest tax on this revenue will help pay for this network. Assuming that this infrastructure would need to be rolled out and continually upgraded I would expect at least $2-3 billion annual investment is required. I’m basing this on how much Verizon Wireless and AT&T invest in their network annually. This of course would change based on the amount of capacity required (a lot) and what technology used (WIFI, Wi-Max, LTE) for the network.
Since, this will effectively kill the business model of the telecoms, like T-mobile and KPN, they could be used to help manage the network. Governments and the like aren’t the best at managing these networks these old companies would be the best suited to manage it. That or create an organization that is based on former employees.
Finally, the network would have to be net neutral. Otherwise, it would effectively be government censorship if there was a reduction in access to any portion of the web. This means that the internet would be free as in free beer and free as in free speech. This would ensure the most positive results from the free internet on the business side and improve ability of users to participate in democracy.
Biggest changes? Management of the network, increased privacy concerns, paying for the network and copyright owners influence on data controls.
In my next blog I’ll discuss how this would change the business environment.
Amazon’s Silk
Interesting read on Tech Dirt on Amazon.com’s Silk browser. They note that it’s a copyright infringement suit waiting to happen. If you’re too lazy to read the article, basically Silk will copy whatever website you go to onto it’s servers so it can send you a compressed version of it. For instance if a website that you’re on has a 3mb picture they’ll send you a 50kb picture instead. This does a few things. First, it will help relieve congestion on cell networks because smaller pieces of information are being sent. Second, it will save you data if you don’t have an unlimited data package. Finally, it could violate copyright. Why? Because it’s copying everything from a website and then sending you the information from a different source. Not only that, but it is effectively altering the picture they are sending you. I’m not sure if there have been any copyright cases based on compressing the quality of a picture, but for all intents and purposes it’s altering the picture. It probably should fall under fair use, but you never know some one will probably try to sue over that.
There are some other issues to consider too. The browser has predictive capabilities based off of aggregate users actions. This is actually fairly similar to what Facebook is doing, but there are no implications for ads with Amazon (at this point we don’t know if they store individual user statistics). The example they give on the website, is if you go to NYTimes.com and a high percentage of users then click on the business section Amazon will pre-load this information into their severs. This could have an impact on big websites’ server loads as well. They could potentially be hit twice for a lot of visits to their site. If Amazon predicts incorrectly, then it will hit the server at least twice.
Another interesting consideration is related to ad revenue. Let’s say users of some website like, I don’t know KBMOD.com, always visit a YouTube account after reading the front page, let’s go with InfiniteSadd, which would then auto play the video that’s on top. This of course have the ad pop up on the bottom. Now the question I have is in these situations would this count as a click, or would the ads start to filter out views and click throughs from Silk? The situation, I presented is unlikely as there’s no direct link from KBMOD to InfiniteSadd’s user profile. But’s easy to image that it could work that way.
I’d really like to know more about the user statistics that Silk will be collecting. Since the browser is going to be on their Fire device (who knows could also be an update for older Kindles as well), Amazon will know who is browsing what you are browsing and may actually keep that information in your account to predict your behavior better. I don’t see any reason why they couldn’t collect that data. I would imagine that it’s very technologically feasible to use a larger aggregate dataset for websites you don’t frequent, but for your most commonly visited websites for Amazon to have enough usage to figure out where you’re going to go next.
I think the browser is a great idea. However, I can also see this turn into another way for Amazon to better target your recommendations. If you are on your Fire and they see where you go, then they will also know what other products you might be interested in that you haven’t bought through Amazon before. If they know what interests you then they can put those into your “Silk based recommendations.” Now there hasn’t been any talk of that yet, but since they are selling the product at a loss they need you to buy a decent amount of product to get a return on their investment. I’ve seen two values, $50 and $10 losses.
Keep your eyes open for news on this, it could be a copyright and privacy issue before long.
Science, Technology, + Culture 