Posts tagged with ‘privacy’

Unless we have an open, neutral internet we can rely on without worrying about what’s happening at the back door, we can’t have open government, good democracy, good healthcare, connected communities and diversity of culture. It’s not naive to think we can have that, but it is naive to think we can just sit back and get it.

On its 25th birthday, Web creator Tim Berners-Lee calls for an online bill of rights. The Guardian, An online Magna Carta: Berners-Lee calls for bill of rights for web.

Via the Web We Want:

March 12 2014 is the World Wide Web’s 25th Birthday. On this day in 1989, Sir Tim Berners-Lee filed the memo that led to the creation of the Web.

To mark this occasion, Berners-Lee and two organisations close to him, the World Wide Web Foundation and the World Wide Web Consortium are inviting everyone, everywhere to wish the Web a happy birthday using #web25. They have also joined forces to create webat25.org, a site where a selection of global birthday greetings will be displayed and worldwide events to celebrate the anniversary will be publicised.

And back to The Guardian:

Berners-Lee has been an outspoken critic of the American and British spy agencies’ surveillance of citizens following the revelations by National Security Agency whistleblower Edward Snowden. In the light of what has emerged, he said, people were looking for an overhaul of how the security services were managed.

His views also echo across the technology industry, where there is particular anger about the efforts by the NSA and Britain’s GCHQ to undermine encryption and security tools – something many cybersecurity experts say has been counterproductive and undermined everyone’s security.

Principles of privacy, free speech and responsible anonymity would be explored in the Magna Carta scheme. “These issues have crept up on us,” Berners-Lee said. “Our rights are being infringed more and more on every side, and the danger is that we get used to it. So I want to use the 25th anniversary for us all to do that, to take the web back into our own hands and define the web we want for the next 25 years.”

The web constitution proposal should also examine the impact of copyright laws and the cultural-societal issues around the ethics of technology.

As The Guardian notes, “While regional regulation and cultural sensitivities would vary, Berners-Lee said he believed a shared document of principle could provide an international standard for the values of the open web.”

Bonus: Read Berners-Lee’s birthday announcement at WebAt25.org where he briefly outlines some challenges and opportunities for the next 25 years.

What Surveillance Valley knows about you →

Via PandoDaily:

No source of information is sacred: transaction records are bought in bulk from stores, retailers and merchants; magazine subscriptions are recorded; food and restaurant preferences are noted; public records and social networks are scoured and scraped. What kind of prescription drugs did you buy? What kind of books are you interested in? Are you a registered voter? To what non-profits do you donate? What movies do you watch? Political documentaries? Hunting reality TV shows?

That info is combined and kept up to date with address, payroll information, phone numbers, email accounts, social security numbers, vehicle registration and financial history. And all that is sliced, isolated, analyzed and mined for data about you and your habits in a million different ways…

…Take MEDbase200, a boutique for-profit intel outfit that specializes in selling health-related consumer data. Well, until last week, the company offered its clients a list of rape victims (or “rape sufferers,” as the company calls them) at the low price of $79.00 per thousand. The company claims to have segmented this data set into hundreds of different categories, including stuff like the ailments they suffer, prescription drugs they take and their ethnicity…

…[I]f lists of rape victims aren’t your thing, MEDbase can sell dossiers on people suffering from anorexia, substance abuse, AIDS and HIV, Alzheimer’s Disease, Asperger Disorder, Attention Deficit Hyperactivity Disorder, Bedwetting (Enuresis), Binge Eating Disorder, Depression, Fetal Alcohol Syndrome, Genital Herpes, Genital Warts, Gonorrhea, Homelessness, Infertility, Syphilis… the list goes on and on and on and on.

PandoDaily reports that some 4,000 data mining companies generate about $200 billion annually. 

Visualizing Our Drone Future

Via Alex Cornell:

Our Drone Future explores the technology, capability, and purpose of drones, as their presence becomes an increasingly pervasive reality in the skies of tomorrow.

In the near future, cities use semi-autonomous drones for urban security. Human officers monitor drone feeds remotely, and data reports are displayed with a detailed HUD and communicated via a simulated human voice (designed to mitigate discomfort with sentient drone technology). While the drones operate independently, they are “guided” by the human monitors, who can suggest alternate mission plans and ask questions.

Specializing in predictive analysis, the security drones can retask themselves to investigate potential threats. As shown in this video, an urban security drone surveys San Francisco’s landmarks and encounters fierce civilian resistance.

Run Time: ~3:00.

The NSA didn’t wake up and say, ‘Let’s just spy on everybody.’ They looked up and said, ‘Wow, corporations are spying on everybody. Let’s get ourselves a copy.

— Bruce Schneier, Cryptographer and security specialist, via Reform Corporate Surveillance, a parody site of Reform Government Surveillance, created by Aral Balkan, Founder of Indie Phone

Privacy as a Human Right?

Point, via The Guardian: The United Nations moved a step closer to calling for an end to excessive surveillance on Tuesday in a resolution that reaffirms the “human right to privacy” and calls for the UN’s human rights commissioner to conduct an inquiry into the impact of mass digital snooping.

Counterpoint, via Foreign Policy: The United States and its key intelligence allies are quietly working behind the scenes to kneecap a mounting movement in the United Nations to promote a universal human right to online privacy, according to diplomatic sources and an internal American government document obtained by The Cable.

Meantime, via Techrunch: Sir Tim Berners-Lee Blasts “Insidious, Chilling Effects” Of Online Surveillance, Says We Should Be Protecting Whistleblowers Like Snowden.

Google on Friday announced that it would soon be able to show users’ names, photos, ratings and comments in ads across the Web, endorsing marketers’ products.

New York Times, Google to Sell Users’ Endorsements, via thefutureofnews

"Facebook has been aggressively marketing social endorsements, which it calls sponsored stories. For example, if you post that you love McDonald’s new Mighty Wings on the chain’s Facebook page, McDonald’s could pay Facebook to broadcast your kind words to all your friends."

"Twitter also enables advertisers to show public tweets in their ads, but requires advertisers to get the permission of the original author of a message before using it in an ad."

Nothing to see here. This is just the natural movement of companies finding ways to monetize the personal information you give them. If you don’t want to be in an ad, don’t endorse products online.

FJP: To opt out of Google’s “shared endorsements,” head here. Scroll to the bottom of the page and uncheck the box.

Related: Citing lack of use of its universal privacy controls, Facebook announced earlier this week that it was doing away with them and instead asks Users to select privacy settings on a post by post basis.

The caveat, of course, is that when Facebook says only a few percent of its Users use something, we’re talking millions of people. 

laughingsquid:

Privacy Opinions by xkcd

FJP: We’re with the sage.

laughingsquid:

Privacy Opinions by xkcd

FJP: We’re with the sage.

Dutch-Iranian Filmmaker Prank Calls The NSA

Dutch-Iranian filmmaker Bahram Sadeghi prank called the NSA to request that they help him retrieve an email that he deleted.

During the phone call, Sadeghi asks if the NSA keeps track of people’s emails and Internet data, to which the NSA representative responds: “No, we wouldn’t be able to help you. Can I take down some of your personal information, please?”

FJP: Cute, NSA. Real cute. — Krissy

Video: YouTube

"I worry a lot about the outsourcing of email at a news organization. We only have two layers of protection, right? One is technological and one is legal," Angwin says. "So certainly our lawyers at a news organization are gonna fight to protect our emails. But, if they don’t fully control them technically, they can’t mount a very good argument.


“If Gmail is handling our emails, then we have to rely on them to mount our legal arguments,” she adds. “And that’s not a situation that news organizations have been in, in the past.”

To evaluate the nothing-to-hide argument, we should begin by looking at how its adherents understand privacy. Nearly every law or policy involving privacy depends upon a particular understanding of what privacy is. The way problems are conceived has a tremendous impact on the legal and policy solutions used to solve them. As the philosopher John Dewey observed, “A problem well put is half-solved.”

— Daniel J. Solove, Why Privacy Even Matters if You Have ‘Nothing to Hide’, The Chronicle of Higher Education.

I have been forced to make a difficult decision: to become complicit in crimes against the American people or walk away from nearly ten years of hard work by shutting down Lavabit. After significant soul searching, I have decided to suspend operations. I wish that I could legally share with you the events that led to my decision. I cannot. I feel you deserve to know what’s going on—the first amendment is supposed to guarantee me the freedom to speak out in situations like this. Unfortunately, Congress has passed laws that say otherwise. As things currently stand, I cannot share my experiences over the last six weeks, even though I have twice made the appropriate requests.

Ladar Levison, Owner and Operator, Lavabit LLC, in an open letter to users.

Background: Lavabit is an encrypted email service that was reportedly used by Edward Snowden, among 350,000 other customers. The Guardian reports that the closure occurred after the company rejected “a court order for cooperation with the US government to participate in surveillance on its customers.”

Related: Lavabit isn’t alone. Silent Circle, a company that creates encrypted communication applications for text, phone and video, is preemptively shutting down its email service. In a notice to its customers, the company writes:

Silent Mail has similar security guarantees to other secure email systems, and with full disclosure, we thought it would be valuable.

However, we have reconsidered this position. We’ve been thinking about this for some time, whether it was a good idea at all. Today, another secure email provider, Lavabit, shut down their system lest they “be complicit in crimes against the American people.” We see the writing the wall, and we have decided that it is best for us to shut down Silent Mail now. We have not received subpoenas, warrants, security letters, or anything else by any government, and this is why we are acting now.

Welcome to surveillance.

What Google Knows
Via the Wall Street Journal:

Every hour, an active Google user can generate hundreds or thousands of data “events” that Google stores in its computers, said people familiar with its data-gathering process.
These include when people use Google’s array of Web and mobile-device services, which have long collected information about what individuals are privately searching for on the Web. It includes the videos they watch on YouTube, which gets more than one billion visitors a month; phone calls they’ve made using Google Voice and through nearly one billion Google-powered Android smartphones; and messages they send via Android phones or through Gmail, which has more than 425 million users.
If a user signs in to his or her Google account to use Gmail and other services, the information collected grows and is connected to the name associated with the account. Google can log information about the addresses of websites that person visits after doing Google searches.
Even if the person visits sites without first searching for them on Google, the company can collect many of the website addresses people using Google’s Chrome Web browser or if they visit one of millions of sites that have pieces of Google code, such as its “+1” button, installed.
Android-based phones and Google Maps can collect information about people’s location over time. Google also has credit-card information for more than 200 million Android-device owners who have purchased mobile apps, digital books or music, said a person with direct knowledge of the matter.

Somewhat related bonus: The Public-Private Surveillance Partnership, via Bloomberg.
Image: What Google Knows, via the Wall Street Journal. Select to embiggen.

What Google Knows

Via the Wall Street Journal:

Every hour, an active Google user can generate hundreds or thousands of data “events” that Google stores in its computers, said people familiar with its data-gathering process.

These include when people use Google’s array of Web and mobile-device services, which have long collected information about what individuals are privately searching for on the Web. It includes the videos they watch on YouTube, which gets more than one billion visitors a month; phone calls they’ve made using Google Voice and through nearly one billion Google-powered Android smartphones; and messages they send via Android phones or through Gmail, which has more than 425 million users.

If a user signs in to his or her Google account to use Gmail and other services, the information collected grows and is connected to the name associated with the account. Google can log information about the addresses of websites that person visits after doing Google searches.

Even if the person visits sites without first searching for them on Google, the company can collect many of the website addresses people using Google’s Chrome Web browser or if they visit one of millions of sites that have pieces of Google code, such as its “+1” button, installed.

Android-based phones and Google Maps can collect information about people’s location over time. Google also has credit-card information for more than 200 million Android-device owners who have purchased mobile apps, digital books or music, said a person with direct knowledge of the matter.

Somewhat related bonus: The Public-Private Surveillance Partnership, via Bloomberg.

Image: What Google Knows, via the Wall Street Journal. Select to embiggen.

Hello, Facebook Graph Search
Facebook Graph Search is rolling out to all users over the next few weeks. If you’re unfamiliar with its capabilities the basic rundown is that it’s a highly personalized search engine that lets you query information based on what your friends, friends of friends and oftentimes public (depending on privacy settings) are liking.
As Salon’s Andrew Leonard explains it:

Facebook allows you to slice and dice your network with astonishing ease. “Friends who like ‘Dumb and Dumber’”? Friends who like porn films?” “Single women who like to read Thomas Pynchon and live in California?”
After each search: Presto! A page full of profile pictures — many of whom are probably people you’ve never seen before, because Graph Search rummages through your “friends of friends” network, a grouping that is exponentially larger than your mere “friends” network.
You can also search through photo albums that have been made public. For example: “Photos of single men taken in California.” Oh, the douchebaggery. We have so much to be embarrassed about, and now Facebook makes it easier than ever to find it.
Graph Search is addictive. “Photos of beaches liked my friends”? Sure! “Friends of my friends who like Edward Snowden Support Page”? Absolutely. “Friends of my friends who like Rush Limbaugh?” Holy moly! There are more Limbaugh fans in my extended network than porn film fans! Something is very wrong here.

Have privacy concerns? Don’t want your pickle eating, Justin Bieber, complicated relationship, trashy novel liking life to be shown? We got you covered in two easy steps.
First, visit Facebook’s 3 Tips About Search Privacy to get an overview of what you’re sharing and who you’re sharing it with. Second, Slate’s Will Oremus walks readers through changing their privacy settings en masse, or on a post by post basis. Or, as Slate’s headlines writers put it: If You’ve Ever Posted Anything Embarrassing on Facebook, Now Is the Time to Hide It.
Image: Facebook Graph Search, via Facebook.

Hello, Facebook Graph Search

Facebook Graph Search is rolling out to all users over the next few weeks. If you’re unfamiliar with its capabilities the basic rundown is that it’s a highly personalized search engine that lets you query information based on what your friends, friends of friends and oftentimes public (depending on privacy settings) are liking.

As Salon’s Andrew Leonard explains it:

Facebook allows you to slice and dice your network with astonishing ease. “Friends who like ‘Dumb and Dumber’”? Friends who like porn films?” “Single women who like to read Thomas Pynchon and live in California?”

After each search: Presto! A page full of profile pictures — many of whom are probably people you’ve never seen before, because Graph Search rummages through your “friends of friends” network, a grouping that is exponentially larger than your mere “friends” network.

You can also search through photo albums that have been made public. For example: “Photos of single men taken in California.” Oh, the douchebaggery. We have so much to be embarrassed about, and now Facebook makes it easier than ever to find it.

Graph Search is addictive. “Photos of beaches liked my friends”? Sure! “Friends of my friends who like Edward Snowden Support Page”? Absolutely. “Friends of my friends who like Rush Limbaugh?” Holy moly! There are more Limbaugh fans in my extended network than porn film fans! Something is very wrong here.

Have privacy concerns? Don’t want your pickle eating, Justin Bieber, complicated relationship, trashy novel liking life to be shown? We got you covered in two easy steps.

First, visit Facebook’s 3 Tips About Search Privacy to get an overview of what you’re sharing and who you’re sharing it with. Second, Slate’s Will Oremus walks readers through changing their privacy settings en masse, or on a post by post basis. Or, as Slate’s headlines writers put it: If You’ve Ever Posted Anything Embarrassing on Facebook, Now Is the Time to Hide It.

Image: Facebook Graph Search, via Facebook.

To Strongbox or Not to Strongbox

Last week we noted that the New Yorker launched Strongbox, an online system meant to preserve the anonymity of leakers submitting sensitive material to the magazine.

Strongbox is based on the work of Aaron Swartz and Kevin Poulsen and, as Amy Davidson noted when announcing its implementation, “Even we won’t be able to figure out where files sent to us come from. If anyone asks us, we won’t be able to tell them.”

Which is a good thing given recent news about the Justice Department’s surveilling of journalists and news organizations.

But can it be be a newsroom boon?

Writing at CSO Online, John P. Mello argues that while Strongbox “provides strong protection of the identity of a source, it removes an important element in the process: authentication.”

Here’s what he means:

A system where anonymous leakers are dropping documents into a folder has advantages when government investigators start probing a story’s sources, but it also creates tremendous disadvantages. “The government can’t come after you to find out who gave you the document because you have no way of knowing,” [Northeastern University assistant journalism professor Dan] Kennedy said.

"That gives more protection to the source, but it makes it harder to vet the document because you don’t know who gave it to you," he said…

…”All sources, anonymous or not, have to be evaluated. That’s impossible to do without context. “Knowing your source’s motivations helps contextualize the information,” said Mark Jurkowitz, associate director for the Pew Research Project for Excellence in Journalism.

"A solution that prevents the news organization from knowing the identity of a confidential source has value, but it’s not an ideal solution because it is important to know the identity of the source to weigh the information," he told CSO.

"Information supplied by a confidential source needs to be evaluated, weighed and understood in the same way that information of somebody speaking on the record does," he added.

FJP: A tool is a tool. While Mello illustrates important drawbacks, if the alternative is no documents to work with then you work with the tools available. It’s just important to know going in what their limitations are.

Images: Independent Twitter posts via Nicholas Thomson and Kevin Anderson.