Clear collected a lot of data:
The information that TSA requires us to request is full legal name, other names used, Social Security number (optional), citizenship, Alien Registration Number (if applicable), current home address, primary and secondary telephone numbers, current email address, date of birth, place of birth, gender and height. TSA also lists as optional, but helpful, the following personal information: home addresses, driver’s license number and employer’s name and address...digital photo and digital images of all of your fingerprints and your irises...your credit card.
This raises a very serious problem with a company like Clear/Verified Identity Pass, Inc. The in-depth, validated customer data is likely to count amongst such a company's most valuable assets. Their privacy policies make no mention of what would happen to it in the event that the company goes bust.
Does anyone know where Clear was incorporated? Maybe I'll bid at the bankruptcy auction.
[Update: Tamzen points out that there's an update on their site, promising that Clear will abide by the "Transportation Security Administration’s Security, Privacy and Compliance Standards" and "take appropriate steps to delete the information." Google thinks that those standards might refer to "Transportation Security Administration’s Security, Privacy and Compliance Standards." Me, I wonder why they say "take appropriate steps" rather than just promising to delete it. Back in the day, Brill's Content might have taken them to task for that.]
As I've said before, all non-trivial privacy warnings are mocked and then come true.
Sixty years ago today, George Orwell published 1984. He unfortunately failed to include a note that the book was intended as a warning, not a manual.
Today, in England, there are an unknown number of surveillance cameras, including many around Orwell's house, despite the fact that they don't reduce crime. People can be detained for 28 days without charge, and there are "anti-social behavior orders," which allow a civil court to impose behavioral restrictions on children as young as 10 based on somewhat relaxed standards of evidence.
Being modern, the UK has outsourced most of its torture to other less reputable nations like Syria and the United States.
Photo: MI5
So writes Adam Thierer in "Privacy as 'a modern invention'," quoting Stanford law prof Lawrence Friedman.
In an important sense, privacy is a modern invention. Medieval people had no concept of privacy. They also had no actual privacy. Nobody was ever alone. No ordinary person had private space. Houses were tiny and crowded. Everyone was embedded in a face-to-face community. Privacy, as idea and reality, is the creation of a modern bourgeois society. Above all, it is a creation of the nineteenth century. In the twentieth century it became even more of a reality. [p. 258]
In a time when amorphous "rights" to privacy seem to be multiplying like wildflowers, this is an important insight from Friedman. In my opinion, many of the creative privacy theories being concocted today are often based on false nostalgia about some forgotten time in the past when we supposedly all had our own little quiet spaces that were completely free from privacy intrusions. But as Friedman makes clear, this is largely a myth. It's not to say that there aren't legitimate issues out there today. But it's important that we place modern privacy issues in a larger historical context and understand how many of today’s concerns pale in comparison to the problems of the past.
Medieval people also didn't have democracy, gunpowder or widespread literacy. That makes none of them the creation of "a modern bourgeois society."
It's a tad embarrassing, really.
Maybe, with more time, there would be more context which I could find.
aka it's not nearly as funny when you are the subject of the probe.
At a recent conference Justice Scalia said, "Every single datum about my life is private? That's silly."
Well, a professor at Fordham University decided to take Mr Scalia at his word, and had one of his classes collect a dossier on the Justice and this is what they found:
Professor Joel Reidenberg and his class now have a 15-page dossier on Scalia, including his home address, the value of his home, his home phone number, the movies he likes, his food preferences, his wife's personal e-mail address, and "photos of his lovely grandchildren."
So what we have here is yet another person discovering that while individual facts aren't necessarily important, when you aggregate them together you have something quite valuable. Justice Scalia was understandably somewhat unamused:
It is not a rare phenomenon that what is legal may also be quite irresponsible. That appears in the First Amendment context all the time. What can be said often should not be said. Prof. Reidenberg's exercise is an example of perfectly legal, abominably poor judgment. Since he was not teaching a course in judgment, I presume he felt no responsibility to display any.
Daniel Solove, over at Concurring Opinions, has provided more details and analysis as well as a follow-up from Professor Reidenberg. Of note is the fact that this is a regular assignment in the professor's class each year and the previous class had been told to use Dr. Reidenberg himself as the subject of the dossier.

So while Statebook is a pretty entertaining demo, "Database State" is a disturbing look at how real the underlying data collection is in the U.K.
Via Boingboing.
The Get FISA Right group is publicizing our need to re-think the laws. They have discussion going on on their site, as well as on The Daily Kos. I recommend catching up there, or reading Adam's recent post here.
I have to ask what was wrong with the old FISA? It wasn't a bad system, and had a lot of tradeoffs as well as emergency provisions. The government could, for example, get a warrant after the fact in an emergency.
But the old FISA was very Cold War. It was also very much adapted to the previous century's technology in which wired technologies were static and protected and wireless or mobile technologies were highly regulated.
So let's look at some of the things that are indeed worth changing.
I would not want interesting new technologies like femtocells to end up in some odd legal limbo because of some peculiarity of the technology. It's better for us all to just agree that when it is okay to spy on a person, it's that person.
Now, this has consequences. I wouldn't blame non-US telecom companies for proudly avoiding the US as a result of that. It's from the viewpoint of a civil libertarian who is trying to make sense out of the rules of spying that I think that.
It is also the converse of thinking that when I am in another country, they'll spy on me or not according to their rules, not mine.
I can go on, particularly about the new features of the new FISA. However, that strays away from this discussion: what didn't work well in the old one.
Jim Burrows is working to kick off a conversation about what good reform of US telecom law would be. He kicks it off with "What does it mean to "get FISA right"?" and also here.
To "get it right", let me suggest that we need:
- One law that covers all spying
- Require warrants when the US spies on
  - Anyone in the US
  - US persons (citizens and resident aliens) anywhere
- Allow the intelligence agencies to spy freely on foreigners overseas, even if the taps are in the US
- Require Executive, Judicial and Congressional oversight when protected and unprotected communications are entangled.
- Criminalize violation of the Constitution.
I think we need a law which works cross medium, and addresses both content and routing information. It should lay out broad principles of privacy protection for Americans and people in America, and the times when spying is acceptable in ways that enable debate and discussion. We also need to address the very real abuses of past wiretapping statutes, perhaps with increasing oversight as time goes by.
This is a hard area, and I encourage you to join in the discussion here, on Jim's blogs, or on your own.
I hit post too soon; I'd meant to explain the image. I picked the image because I believe that listening to phone calls is sometimes something we should allow a government to do. If we do it right, it's a valuable tool. If we do it wrong, it becomes an intrusion and a betrayal of our values. To date, we are doing it wrong, with secret courts rubber stamping requests under complex laws that few can understand. The result is that legitimate wiretapping is harder than it needs to be. Getting FISA right includes restoring public trust.
Image: Dr. Bulldog & Ronin.
Robert Scoble, discussing Facebook founder Mark Zuckerberg:
He also said that his system looks for “outlying” behavior. He said if you behave like an average user you should never trigger the algorithms that will get you kicked off.
Let’s be specific here: if you behave like the system’s Harvard undergraduate founders and primarily-male engineering staff have programmed the software to think like “an average user” behaves you should never trigger the algorithms that will get you kicked off. Except in reality, most people don’t behave that way. Robert is surprisingly sympathetic to arbitrary undocumented limits on speech:
Of course, that irks me a bit because my usage of social media sites is totally outlier behavior. But, I can see his point. One thing that’s nice about Facebook is that I see very little spam or other nasty behavior.
That's Jon Pincus discussing "Zuckerberg: Facebook to ratchet up exploitation, only bans “outliers”."
I think this is a real concern. Facebook exists as a means of connecting with others. As I discuss in "Identities are Created Through Relationships," we create and evolve our identities through such interaction. If Facebook imposes conformity through secret rules whose violation results in suspension, then it acts as a censor on our social interaction and our willingness to explore and excel.
It's unsurprising that Scoble sees little spam or other nasty behavior, but free communities have some level of that, or they have a constant level of looking over one's shoulder for the camera or the plainclothesman. Scoble shouldn't be ok with that, and neither should we.
They're trying to dress up giving users the ability to up/down vote on their rules as "democracy," and giving users a voice, but as Michael Zimmer documents, it's a vote. They haven't (say) Wikified their Terms of Service and given users real input. They certainly aren't offering minorities any protection against the wishes of the majority.
What if the entire userbase votes to make everything from a member of the Screen Actors Guild fully public?
It is fascinating to watch the autocracy of Facebook forced to take tentative steps towards democracy. Here's hoping that their community also pushes for liberty.
Shostack suggests that A-Rod might have an action for breach of contract. He might also have an action for the breach of confidentiality tort. Professor Neil Richards and I have written extensively about breach of confidentiality. The tort is recognized in most states, and it provides for liability whenever one owes a duty of confidentiality and breaches that duty. We observed, however, that the tort has remained "relatively obscure and frequently overlooked" in American law. In contrast, in England, the tort is robust and applies quite broadly. We suggested in our article that the American tort could develop more along the lines of the English tort, and it is, in fact, already beginning to head in that direction. See Neil M. Richards & Daniel J. Solove, Privacy's Other Path: Recovering the Law of Confidentiality, 96 Geo. L.J. 123 (2007).
Lots more very interesting analysis. Check it out!
He's now threatened with three years of jail in Italy. Google took under 24 hours to remove a video which invaded the privacy of someone with Down Syndrome. See law firm Proskauer Rose's "Google Execs Face Privacy Related and Other Criminal Charges for Taunting Video" or Dan Solove's "Criminalizing Google's YouTube in Italy" for background.
A small part of me is happy to see enforcement of privacy laws. This is clearly a sit up and take notice moment for many executives around privacy, and that might be for the good.
I think much more, it's to the detriment of much of what's good about the internet, and not even good for privacy. On the scale of privacy invasions, this one isn't like publishing someone's medical records, their financial records, or their diary. It's three minutes of bullying. I'm not trying to universalize my values, but it's hard to understand 191 seconds of bullying as justifying three years in jail. The executive ‘takeaway’ from this is likely to be "we need to get those laws fixed."
Google claims that 200,000 videos are uploaded to Google Video daily. There's all sorts of good--people are enthralled, and choose to spend a tremendous amount of time watching that crap. No, really, 99% of it's crap, but 1% is great, and we all differ on which video is which. It's chaotic. The value of Google Video emerges from hundreds of thousands of people providing video, and Google making it available to others.
If Peter Fleischer goes to jail, that will stop. Not just at Google, but at other companies (not speaking for my employer--I have no knowledge of plans.) No executive will say this is worth jail time. The chilling effect would be massive, and also ineffective.
Video on the internet will move to a peer to peer system, just like music has. The ability to remove content will fall away, as will searchability. What's more, we won't gain much in privacy (except, perhaps, with regards to how much Google can observe). New business will be hesitant to step into these areas, and we'll give up all the good which might emerge.
Ironically, Google's aggressive tracking (with 3 domains worth of cookies and 2 Flash LSOs) offers up a perfect "more speech" opportunity. There are logs of who viewed the original video. It would be easy (if an apology video existed) to show it to each person who viewed the original video, and to measure what fraction had seen it.
None of this is aided by a threat of jail time for Peter Fleischer.
In 2003 the deal was simple: The players would submit to anonymous steroid testing, and if more than 5 percent tested positive, real testing with real penalties would begin in 2004.
But in 2003, the tests were going to be (A) anonymous and then (B) destroyed. Those were the rules of engagement, and in any civilized contest, the rules of engagement are critical. Everything has rules of engagement, even something as life-or-death as war. Ever heard of the Geneva Convention? Those are rules of engagement, and it's something we are expected to follow -- even against a war-time enemy we literally want to kill.
Somebody broke the rules of engagement with A-Rod. Baseball and the union were supposed to destroy the tests in 2003. If there was a master list linking each test to a specific player, that list was supposed to be destroyed, too. This was serious stuff, this confidentiality, and only because it was so serious did players like Alex Rodriguez submit to it. ("A-Rod should sue sinister system that snagged him," CBS Sports)
So there's an obvious violation of the contract, which may or may not have specified damages. Are there other torts here?
It seems that given the nature of the literally irreparable harms to reputation that privacy invasions can entail, the law may or may not have reasonable remedies here. (Note that I said irreparable, not un-compensatable or even of great magnitude. Even if it turns out that the tests were flawed, A-Rod's reputation will be permanently sullied by those who remember the initial burst of news.)
There's also a tie to Facebook's latest changing and re-changing of their privacy rules.
The idea that your privacy contract is fungible and flexible inhibits the creation of a real market differentiation around privacy. If a company can change the rules at any time, why bother reading what they say today?
What should the law say about this?
Image: StockXpert.
[Update: Dan Solove has very interesting follow-on analysis in "A-Rod, Rihanna, and Confidentiality."]
WHY is a beer better than a woman? Because a beer won’t complain if you buy a second beer. Oops. There go your correspondent’s chances of working for Barack Obama, America’s president-elect.
(Ironically, the Economist's articles are all anonymous.)
Second, Fraser Speirs, "On the Flickr support in iPhoto ‘09:"
As you may guess, I was a little perturbed at this since I pay my mortgage by selling, er, a Flickr upload plugin for iPhoto.
Fraser looks at his (excellent) product, FlickrExport, and finds that the value is now in privacy and control of what leaves your computer and how.
And finally, a follow-on to an aside in "Lessons for security from 'Social Networks'":
In recent months, American Express has gone far beyond simply checking your credit score and making sure you pay on time. The company has been looking at home prices in your area, the type of mortgage lender you’re using and whether small-business card customers work in an industry under siege. It has also been looking at how you spend your money, searching for patterns or similarities to other customers who have trouble paying their bills.
In some instances, if it didn’t like what it was seeing, the company has cut customer credit lines. It laid out this logic in letters that infuriated many of the cardholders who received them. “Other customers who have used their card at establishments where you recently shopped,” one of those letters said, “have a poor repayment history with American Express.”
It sure sounded as if American Express had developed a blacklist of merchants patronized by troubled cardholders. But late this week, American Express told me that wasn’t the case. The company said it had also decided to stop using what it has called “spending patterns” as a criteria in its credit line reductions. ("A (Very) Watchful Eye on Credit Card Spending," The New York Times.)
Apparently, that was just too creepy, even for American Express, who I've commented on in "American Express and Privacy."

Worth checking out, but be warned, it's a little on the languid side, using pacing and the voice to build the story.
Also, note that the movie says the release was accidental. Engleberts and Plug regret the error.
Previously: "AOL search records 'research'," "AOL data release fallout," "Researchers Two-Faced over Facebook Data Release," and "Wendy Richmond's Surreptitious Cellphone"
(Or, the presentation of self in everyday donations)
So I've had a series of fairly political posts about election finance, and in one of them, I said "I'd prefer that the rules avoidance be minimized, and I think transparency is the most promising approach there."
Well, in the interests of transparency, I need to comment a little in the wake of a lawsuit in California over transparency and Proposition 8. Two stories: "Marriage Ban Donors Feel Exposed by List:"
“Some gay activists have organized Web sites to actively encourage people to go after supporters of Proposition 8,” said Frank Schubert, the campaign manager for Protect Marriage, the leading group behind the proposition. “And giving these people a map to your home or office leaves supporters of Proposition 8 feeling especially vulnerable. Really, it is chilling.”
and today, "Prop. 8 campaign can't hide donors' names."
Setting aside all the irony of proponents of an initiative suing to overturn law passed under another initiative, the law was the law when they made their donations. What did they think was going to happen?
But it's not all that simple. There's a strong argument for allowing proponents of unpopular causes to organize themselves in a way which is free of reprisals. For allowing them privacy. There's important privacy law in NAACP vs. Alabama, about the right to associate privately for political change.
On the one hand, I think that privacy is an important right, and should not be subjected to harsh tests. (Had Alabama prevailed, death by lynching was a likely outcome for at least some of the people on the list. I don't want to see private association subject to a grievous harm sort of test.)
On the other hand, those who want to take away the rights of others should perhaps be asked to air their public policy beliefs in public. If they can't take the heat, get out of the kitchen.
On the gripping hand, this raises a hard tradeoff. What should we do? (Whatever we should do, we should keep it civil as we discuss it.)
[Update: Part of the reason I reference NAACP vs. Alabama was to allude to the fact that sometimes the unpopular speech is speech against government. The NAACP fought to keep their membership private because they knew that the Alabama government was lousy with Klan members. Had the list been turned over, members would have been murdered. That in this case, we might see anti-harassment laws enforced is not an argument against the general need for privacy for those with unpopular views.]
By popular demand, I'm posting updated forms to request your PNR's and other records of your international travel that are being kept by the U.S. Customs and Border Protection (CBP) division of the Department of Homeland Security (DHS)...If you made a similar request before, the answer you got (if any) was almost certainly incomplete. If you want to know all of what's really in your file, you should probably make a request again, using this updated form.
There's an interesting (and long!) "Final Report of the Internet Safety Technical Task Force to the Multi-State Working Group on Social Networking of State Attorneys General of the United States." Michael Froomkin summarizes the summary. Adam Thierer was a member of the task force, and has extensive commentary on how the primary online safety issue today is peer-on-peer cyber-harassment, not adult [sexual] predation, along with a great link roundup. Kim Zetter at Wired gives unfortunate credence to hyperbolic claims by some attorneys general that "harsh reality defies the statistical academic research underlying the report." Uh huh. I'm glad Richard Blumenthal knows the truthy, and isn't going to let facts stand in his way. I'm less glad that Wired chose to portray that as a 'controversy.' I'd call it an embarrassment to the state of Connecticut.
Peter Swire and Cassandra Butts have a fascinating new article, "The ID Divide." It contains a tremendous amount of interesting information that I wasn't aware of, about how infused with non-driving purposes the drivers license is. I mean, I know that the ID infrastructure, is, in essence and aim, an infrastructure of control. Even so, I didn't realize how far it had gone as a tool of compliance enforcement.
There's more to say than I can get into this blog post. Short form: go read it. Slightly longer form:
There are lots of details that are just great. For example:
"The More ID checks in society, the more ID theft matters." (page 11)
In a discussion of a 2005 deficit reduction act attempt to reduce medicaid fraud: "A GAO study instead found that the major effects of the program were higher administrative costs ...and denial of medical benefits to eligible US citizens" (page 14)
"In addition, some state will not issue a state ID until a person has caught up on all outstanding payments due the state, including traffic fines and child support payments. As ID requirements spread, persons who cannot afford to make all such payments may be denied the right to vote, to receive health insurance, or to become lawfully employed." (page 16)
"...independent reviews of the E-Verify program have found that employers engage in prohibited employment practices..." (page 18)
My copy of this report is covered in markup, about "the computer is always right," about linkability, about data shadows. In fact, about the only thing I don't like is the title. I don't think this is a divide, I think that identity has become an archipelago, a la the Soviet Gulag system.
In the preface to The Gulag Archipelago, Solzhenitsyn wrote:
And this archipelago crisscrossed and patterned that other country within which it was located, like a giant patchwork, cutting into its cities, hovering over its streets. Yet there were many who did not even guess at its presence, and many, many others who had heard something vague.
I think the archipelago is a better metaphor than a divide. A divide exists, and most of us exist on one side of it. But the identity archipelago! At a moment's notice, we can be thrust onto its other side. A phone call, a letter, and our identity's connection to the machine is broken. Our data shadow has sinned, and we are cast into the archipelago, forced to learn its ways.
In conversation, Peter has said that the Gulag analogy is too over-used, which is a shame. Maybe identity is more like an accident--you're driving along at 35 and boom, you wake up in the hospital. Maybe it's more like a vase, dropped and you're cutting yourself picking up the shards. What's the right description for the fragile system we have where people get violently yanked into the nightmares?
[Comments have been closed because of a flood of spam against this single entry.]
The judges ruled the retention of the men's DNA "failed to strike a fair balance between the competing public and private interests," and that the UK government "had overstepped any acceptable margin of appreciation in this regard".
The court also ruled "the retention in question constituted a disproportionate interference with the applicants' right to respect for private life and could not be regarded as necessary in a democratic society".
The Police are aghast that they will not be able to do whatever it takes to solve crimes. Similar past rulings have involved forced confessions, indefinite detention, and a presumption that the accused are guilty until proven innocent. They have put forth figures about how many criminals have been caught. The BBC also reports:
The court says the figures appear "impressive" - but on closer analysis it acknowledges, as the Nuffield Council on Bioethics and GeneWatch UK also have, that they are unconvincing.
The Supreme Court of Newfoundland has ruled that airport searches may not be used for blanket law enforcement purposes:
a reasonable expectation of privacy with respect to the contents of his luggage, save and except for searches by [airport] personnel for items that could be used to jeopardize the security of an aerodrome or aircraft. The drugs and money found in his baggage, which are the subject of this proceeding, are not such items and thus Brian Crisby had a reasonable expectation of privacy."
This is in stark contrast to the US, where John Perry Barlow was arrested when they found small amounts of drugs in his checked luggage. His appeal was denied, although pages related to that seem to have hit the memory hole.
What's relevant about this is the difference between Canada and the EU and the US. Privacy law in the US is in disarray. At a Constitutional level, the 4th amendment protections have been utterly eviscerated. At a broader level, privacy laws seem to emerge after bad cases.
The result is expensive investment in poor protection. We can and should do better. It would be possible to put in place a data protection or privacy law which protects privacy and respects the rights of free speech. The key is to recognize the role of the government in enabling correlation and linkage. Privacy law should kick in (hard) when the government is involved, either as the gatherer or guarantor of information. That is, if I have to give my legally documented name or my SSN, I should get strong protection. If I can sign up as Mickey Mouse, then privacy law shouldn't apply.
However we do it, we need a sane privacy law for the US.
There have been a couple of interesting stories over the last week that I wanted to link together.
Verizon Employees Snoop on Obama's Cellphone Records (followed shortly by "Verizon fires workers over Obama cell phone records breach") and "4 more Ohio officials punished in 'Joe' data search."
There's a couple of things happening here. The first is that everyone who works in an organization with lots of personal data knows that snooping has gone on forever. But organizations are changing their approach. They are now starting to audit and address that snooping.
The second thing is no one seems all that surprised. Companies have been hiding the problem, and when they own up to it, their customers don't all quit en masse. (It might seem hard to stop having an Ohio drivers license, but then, Joe's already proven you can get by without Ohio licenses.)
We actually saw something similar in the NSA wiretapping case. Much of what we've learned about what happened has come from insiders stepping forward to say that it was wrong. They've given information to journalists so that we can have an informed conversation, because in their professional judgement, the terrorists already knew we were spying on them.
So I see this as a very positive new school step. We're talking about a problem. The sky isn't falling. It turns out that for some things, the watchmen watch each other.
Now, that's not to say we should rely on them to do so. But it's an interesting phenomenon, and one we should look to include in system design. That's often really tough, because pointing out misbehavior can seem like a "betrayal." That doesn't mean we shouldn't try; we should just do so with a full understanding of how hard it is to change human nature.
Photo by Zog the Frogman.

I hope Flickr shares some of the underlying data. I don't know what anyone would do with it, and there's two ways to find out. One is to talk, the other is to release the data. (For privacy reasons, coded to a broad anonymity set, like the zip code in the US, or groups of postal codes elsewhere.)
And the reason it doesn't work is that just because you're allowed to own something doesn't mean you're allowed to export it. The use, ownership, production, etc. of crypto was never restricted, only its export. In an Internet-enabled world, export control brings lots of hair with it, which is why it was important to fight export restrictions. I could go on, but I've already ruined an otherwise amusing strip.

Adam and I have discussed Debix several times in the past, so it will come as no surprise that I am again posting about them.
Debix now has a blog, which will be covering issues around identity theft, breaches and privacy.
Debix also released a new research study examining child identity theft. The most recent blog post contains some highlights from the study, including that one in twenty people (or one in every classroom) suffers from some sort of compromise to their identity before they reach their maturity, with an average of over $12K in fraudulent debt assigned to their names.
As the post says:
Kids are a great target for identity theft, because the younger you target them, the longer you have before it is likely that the act will be discovered and as a result the corresponding amount of fraud that is committed prior to discovery is significantly higher with minors than with adults.
Check out the post and the full research study for much more detailed information.
[Image is identity-theft-2 from j_lovefool on flickr]
So, will the Privacy Commissioner investigate? She has limited resources, and perhaps she doesn't see this the way that Arthur does, "there are few groups who care less for this sort of tracking than Jews." Perhaps she has other priorities. (Does anyone know if a formal complaint has been filed?)
Regardless of if the Commissioner investigates, I think there's value to society in allowing citizens to balance government, rather than having to act as supplicants, asking one department to investigate another. The ability to act as a party in a case can be a powerful balancing factor.

I want one with the 4th amendment on it.
I wanted to comment quickly on an interesting post by Michael Zimmer, "On the “Anonymity” of the Facebook Dataset." He discusses how
A group of researchers have released a dataset of Facebook profile information from a group of college students for research purposes, which I know a lot of people will find quite valuable.
and
Of course, this sounds like an AOL-search-data-release-style privacy disaster waiting to happen. Recognizing this, the researchers detail some of the steps they’ve taken to try to protect the privacy of the subjects, including:
- All identifying information was deleted or encoded immediately after the data were downloaded.
- The roster of student names and identification numbers is maintained on a secure local server accessible only by the authors of this study. This roster will be destroyed immediately after the last wave of data is processed.
In the comments, Jason Kaufman implies that the data really isn't that private, asking what could go wrong, and why would someone post it to Facebook expecting it to remain private.
I have just one question on all of this. If the data isn't private, why did they attempt to anonymize it?
I believe they attempted to anonymize it because it's fairly obvious that the data is private, and releasing it with names obviously attached would be pretty shocking. As Michael Zimmer says, "we really need to keep working on a new set of Internet research ethics and methodologies."
Also, don't miss Michael Zimmer's followup post, "More on the anonymity of the Facebook dataset: It's Harvard College."
According to The New York Times in "Surveillance of Skype Messages Found in China," the Chinese provider TOM has software in place that reads Skype text messages, and blocks ones that use naughty words and terms, like "Falun Gong," "Independent Taiwan," and so on.
A group of security people and human rights workers not only found out that TOM-Skype is not secure, but found the list of banned words because, as usual, someone didn't set up their servers very well. A report can be found here.
Skype president Josh Silverman replied to the issue today in this article. He says that yes, it's happening:
It is common knowledge that censorship does exist in China and that the Chinese government has been monitoring communications in and out of the country for many years. This, in fact, is true for all forms of communication such as emails, fixed and mobile phone calls, and instant messaging between people within China and between China and other countries. TOM, like every other communications service provider operating in China, has an obligation to be compliant if they are to be able to operate in China at all.
He's right: one of the quandaries of business in China is that you have to put your belief in freedom in a trust when you go there. This is why many of us do not like doing business there.
However, he also said:
We also learned yesterday about the existence of a security breach that made it possible for people to gain access to those stored messages on TOM's servers. We were very concerned to learn about both issues and after we urgently addressed this situation with TOM, they fixed the security breach. In addition, we are currently addressing the wider issue of the uploading and storage of certain messages with TOM.
In other words -- it's bad for the Chinese to spy, and bad for people to catch them at it. Oh, naughty Chinese, and shame on you too, Infowar for dragging this into the daylight.
This comes on top of April's flap in which the German and Austrian governments essentially said that they have no trouble listening in to Skype. Skype hasn't commented on that. This is a different issue, as it appears that the surveillance is being done via malware.
Despite the fact that we still don't know what goes on inside of Skype, it appears that the software is basically secure -- or at least the voice parts are. Or was at one time. The noted cryptographer Tom Berson did an analysis of Skype and showed that it was reasonably secure. There were also reverse-engineering analyses done on Skype by Philippe Biondi and Fabrice Desclaux, presented at Black Hat in 2006 that showed it was secure, if eccentric in its design.
However, despite the security of the voice parts, the text parts are obviously not secure. And we have this uncomfortable set of circumstances:
The problem here is one of labeling, and the market effects. I'm sophisticated enough to know that when Josh Silverman says:
... Allowing the world to communicate for free empowers and links people and communities everywhere.
that he is stating that free (as in beer) is important, even if he's unable to do a lot about free (as in speech) in repressive countries and in the face of law enforcement technologies.
But Skype has always touted itself as a secure technology. The reason that it became popular for free (as in beer) conversations was that we thought and were assured that it was also free (as in speech). Skype themselves paid for a security analysis.
Skype thus became not only the proverbial eight-hundred pound gorilla, but (it seems) the proverbial dog in the manger. Skype's presence has actively hindered other secure-voice technologies. Phil Zimmermann's Zfone, for example, has had to answer the question, "why do we need you when there's Skype?" It seems that he'll be answering that question less. Josh Silverman needs to do something to show us the basic integrity of the system. Presently it appears that he has empowered us to have communities everywhere but China, or Germany, or any place with a sophisticated and powerful government. At the very least, he should protect eBay's investment, because if people conclude that Skype is not secure, eBay may wish they'd invested that $1.6 billion in mortgage-backed instruments instead.

If you are the sort of person who looks at odd legal rulings and opinions, you may remember that a few years ago the US DOJ issued an opinion that stored emails are not protected under the Stored Communications Act. The DOJ reasoning is that when you leave read email on your server, it's not a temporary copy that is needed for the communications (like a mail spool), and not a backup.
This reasoning is bizarre to people who use protocols like IMAP precisely as a backup. It's also bizarre to people who wonder why the DOJ would argue that stored communications are not Stored Communications. Those people tend to think that perhaps this would mean that if those stored emails are not Stored, then it wouldn't be illegal for the DOJ to just kindly request that copies of them be pulled from an ISP's storage (as opposed to their Storage) and be handed over, just in case you've been doing whatever.
The EFF has posted an interesting opinion, one that points out that if stored email is not Stored, then the people who reset Sarah Palin's password and read her email probably did not commit a crime under the DOJ's own interpretations of the law.
There doesn't seem to be much wrong with this reasoning. In any event, it's going to make it hard to prosecute the miscreants, because they will have to explain to a judge why they changed their mind, or why there is one law for veep candidates and one for everyone else. Way to go, guys.
Whatever one's opinion of Ms Palin, it's hard to defend violating her privacy. Let's hope this leads the DOJ to conclude that when you take communications and store them that they would be protected under the Stored Communications Act. As usual, the word is "oops."
(Many people will note that there are undoubtedly plenty of other laws to charge them under, starting with the Computer Fraud and Abuse Act. But any good prosecutor can find something to charge someone with. The point is about upholding and enforcing existing laws.)
Photo "Hockey Mom Makeover" by julie.anna.
I got to hear Jeffery Rosen share his thoughts on potential privacy "Chernobyls," events and trends that will fundamentally alter our privacy in the next 3 to 10 years.
I don't believe it, and haven't believed it in a long time. As I said in 2006, There Will Be No Privacy Chernobyl. There's too much habituation, too much disempowerment, and too diffuse an impact of any given issue.
I'd love to have to eat those words. Rosen suggests five issues:
Wonderful graffiti art by Mau Mau at the Cans Festival II. Photo taken by Alan Bee.
Dan Solove sent me a review copy of his new book, "Understanding Privacy." If you work in privacy or data protection either from a technology or policy perspective, you need to read this book and understand Solove's approach. That's not to say it's perfect or complete, but I think it's an important intellectual step forward, and perhaps a practical one as well.
I'm going to walk through the chapters, and then bring up some of my responses and the reasons I'm being guarded.
Chapter 1 is "Privacy: A Concept in Disarray." It lays out how broad and complex a topic privacy is, and some of the struggles that people have in defining and approaching it as a legal or social science concept. Chapter 2, "Theories of Privacy and Their Shortcomings," lays out, as the title implies, prior theories of privacy. Having thus set the stage, chapter 3, "Reconstructing Privacy," is where the book transitions from a review of what's come before to new analysis. Solove uses Wittgenstein's concept of 'family resemblances' as a way of approaching the ways people use the word. Privacy (as I've commented) has many meanings. You can't simplify it into, say, identity theft. Solove uses family resemblances to say that they're all related, even if they have very different personalities. Chapter 4, "The Value of Privacy," points out that one of the reasons we're losing privacy is that it's often portrayed as an individual right, based on hiding something. In policy fights, society tends to trump individualism. (Which is one reason the Bill of Rights in the US protects the individual.) Rather than calling for better protection of the individual, this chapter explores the many social values which privacy supports, bringing it closer to equal footing, and providing a policy basis for the defense and enhancement of privacy because it makes us all better off.
Chapter 5, "A Taxonomy of Privacy" is the core of the book. The taxonomy is rich. Solove devotes seventy pages to expounding on the harms done in not respecting privacy, and discussing a balance between societal interests of privacy and the reason for the invasion. In brief, the taxonomy is currently:
I'm also concerned that perhaps this isn't a taxonomy. If you read the old posts in my taxonomies category, you'll see that I spent a bunch of time digging fairly deeply into what taxonomies are, how they come about, how they're used and abused. I don't think that Solove's taxonomy really fits into the core of a taxonomy: a deterministic way to classify things which we find, which various practitioners can reliably use. As in my example of the call centers, the flaws are legion, and some of my classification may be wrong.
At Microsoft, we use STRIDE as a "taxonomy" of security issues (STRIDE is Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege). I think, as a taxonomy, STRIDE is lousy. If you know about an issue, it's hard to classify using STRIDE. The categories overlap. On the other hand, it's very useful as an evocation of issues that you might worry about, and the same may be said of Solove's taxonomy. I also don't have a superior replacement on hand, and so I use it and teach it. Taxonomy-ness is not next to godliness.
My other issue with Solove's taxonomy is that it doesn't recognize the issuance of identifiers, in and of itself, as a privacy issue. I believe that, even before the abuses start, there are foreseeable issues that arise from issuing identification numbers to people, like the Social Security Number. The act of enumeration was clearly seen as an invasion by Englishmen who named the Doomsday book. The ability of the US government to even take a census is tied directly to the specified purpose of allocating legislative seats. I see it as self-evident, and haven't been able to find the arguments to convince Solove. (Solove and I have discussed this in email now and then; I haven't convinced him [that identifiers are, per se, a privacy harm].)
Chapter 6, "Privacy: A New Understanding," closes the book with a summation and a brief discussion of the future.
The book has a strong policy focus. I am very interested in understanding how this new understanding intersects both broad laws and legal principles (such as the Fair Information Practices) and specific law (for example, HIPAA). The FIP, the OECD privacy statements, and Canada's PIPED act all show up in the discussion of secondary use. I'm also interested in knowing if an organization could practically adopt it as a basis for building products and services with good privacy. I think there's very interesting follow-on work in both of these areas for someone to pick up.
I also worry that privacy as individual right is important. Even though Solove makes a convincing case that that's a weaker policy basis than the one he lays out, that doesn't mean it's not to be cherished as a social value, and I feel that the view of privacy which Solove presents is weaker to the extent that it fails to embrace this.
In closing, there are three major elements to the book: the first is to take us past the definitional games of "what is privacy." The second is a serious attempt to address the "what do you have to hide" approach to privacy. The third is the taxonomy. Two of these would have been a pretty good book. Three are impressive, even as I disagree with parts of it. Again, this is an important book and worth reading if you work in or around privacy.

Congratulations to Arvind Narayanan and Vitaly Shmatikov! Their paper, “Robust De-Anonymization of Large Sparse Datasets,” has been awarded the 2008 Award for Outstanding Research in Privacy Enhancing Technologies. My employer has a press release which explains how they re-identified data which had been stripped of identifiers in the Netflix dataset. In their acceptance remarks, they mentioned the relevance to the Google-Viacom discussions over how much data would be given to Viacom.
Photo: Nikita Borisov. Shown, from left to right, are Michelle Chibba, of the Ontario Privacy Commissioner's Office, presenting the award, and Arvind and Vitaly; Matthew Wright, chair of the award committee, is in the background.
Transport for London is trying to get as many people as possible to use Oyster Cards. They are cheaper -- and theoretically easier to use -- than traditional tube / bus tickets. However, using one means that TfL has a record of your journeys on the transport system, which is something that not everybody is comfortable with.
Photo: Voyeur by Jeff VC
All around cool guy, and former provost of the University of Chicago, Geoffrey Stone (the Edward H. Levi Distinguished Service Professor at the University of Chicago Law School), proposed earlier this week that "The next president should create a brand new position, which should become a permanent part of the Executive Branch in the future: a Civil Liberties Advisor".
Given past posts here, regular Emergent Chaos readers will hardly be surprised that I am a supporter of this proposal. While I encourage everyone to read the entire post, it's the closing paragraph that really sums up why I think this is so important:
Of course, Civil Liberties Advisors may often lose the debate, or even be shunted aside. But sometimes they will win, and sometimes they will raise consciousness and help frame the discussion. Moreover, an administration without such a voice is much more likely to short-change civil liberties than one with such an advocate. The stakes for our nation are simply too high for us to continue to muddle along without someone in this critical position. Indeed, this idea this might well give rise to a whole new meaning to the notion of Homeland Security.
And actually if you replace administration with corporation and civil liberties with customer privacy, you pretty much have the argument for why companies need (and have) privacy evangelists....
[Image is 'Real' Homeland Security by richdrogpa.]

Slyck News has a story, "SSL Encryption Coming to The Pirate Bay," a good summary of which is in the headline.
However, it may not help, and may hurt. Slyck says:
The level of protection offered likely varies on the individual's geographical location. Since The Pirate Bay isn't actually situated in Sweden, a user in the United States isn't impacted by the law. However for the concerned user living in Sweden, the new SSL feature will offer some security against the perceived threat.
No, not really. There are things SSL cannot do and one of those is protect the IP addresses of the two endpoints. If you assume an adversary who is sniffing traffic, they can tell what the two IP addresses are.
There are other things they can do as well. Suppose, for example, they go to the Pirate Bay landing page and observe that it's 1234 bytes long, and compare that with the size of the SSL transaction you made. If they match in size, then you have a pretty good idea of what the person did.
An attacker that crawled the Pirate Bay site and indexed the sizes of all the objects could construct a map of where people went.
Yes, there will be some uncertainty in it. But there will be less uncertainty than you think. Consider the CDDB database that identifies what CD you just put in a drive. It does nothing more than compare a list of track lengths to known entries, and it's pretty darned good. So good that music plagiarists were caught by someone who saw a CDDB collision.
If the attacker is only trying to construct probable cause so as to raid someone, it's likely good enough. "Yer Honor, the suspect may have gone to page X or page Y, but that only means that they're downloading either X' or Y." Yeah, the judge will probably buy it.
SSL is a great technology for protecting content. You don't care that the attacker knows you bought something, you want to protect your credit card number. It's not very good at protecting the mere act of communication.
There are many things that can protect that, but they have their own set of limitations. It's too nice a Sunday afternoon for me to go into them.
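The size-matching argument above can be measured from the defender's side. The following is an added example, not part of the original post: it takes a constructed index of page sizes (only the 1234-byte landing page figure comes from the post), assumes the observer sees the body length plus a constant overhead, and reports how many pages remain uniquely identifiable by length before and after padding responses to a block size.

```python
from collections import defaultdict

# Constructed sample index: path -> response body size in bytes.
# Only the 1234-byte landing page comes from the post; the rest is made up.
SITE_INDEX = {
    "/": 1234,
    "/browse": 8450,
    "/top": 8450,
    "/torrent/1001": 5321,
    "/torrent/1002": 5388,
    "/torrent/1003": 6120,
    "/torrent/1004": 14770,
    "/about": 2210,
}

# Assumption: what is visible on the wire is the (padded) body length plus a
# constant per-response overhead. The constant is constructed, not measured.
RECORD_OVERHEAD = 29


def wire_length(size, pad_block=1):
    """Length an on-path observer sees after padding the body to pad_block."""
    padded = -(-size // pad_block) * pad_block  # round up to a multiple
    return padded + RECORD_OVERHEAD


def anonymity_sets(index, pad_block=1):
    """Group pages by observable length: each group is one anonymity set."""
    sets = defaultdict(list)
    for path, size in index.items():
        sets[wire_length(size, pad_block)].append(path)
    return {length: sorted(paths) for length, paths in sets.items()}


def candidates(index, observed, pad_block=1, tolerance=0):
    """Pages consistent with one observed length, allowing some jitter."""
    return sorted(
        path
        for path, size in index.items()
        if abs(wire_length(size, pad_block) - observed) <= tolerance
    )


def fraction_unique(index, pad_block=1):
    """Share of pages whose length alone pins them down exactly."""
    sets = anonymity_sets(index, pad_block)
    unique = sum(1 for paths in sets.values() if len(paths) == 1)
    return unique / len(index)


def report(index, blocks=(1, 512, 4096)):
    """(pad_block, fraction uniquely identifiable, largest set) per block."""
    rows = []
    for block in blocks:
        sets = anonymity_sets(index, block)
        largest = max(len(paths) for paths in sets.values())
        rows.append((block, fraction_unique(index, block), largest))
    return rows


if __name__ == "__main__":
    for block, frac, largest in report(SITE_INDEX):
        print(f"pad to {block:>4} bytes: {frac:.0%} of pages unique, "
              f"largest anonymity set = {largest}")
```

Padding trades bandwidth for larger anonymity sets; it does nothing about the endpoint IP addresses, which stay visible regardless.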
Kim Zetter on Threat Level has written about Larry Lessig's comments about Judge Alex Kozinski's problems with having files on a personal server made public.
Zetter has asked to hear people's opinions about the issue. I thought I'd just blog about mine.
Basically, I agree with Lessig. The major place that I disagree with Lessig is in his metaphor of someone jiggling open a lock. I think I would use the metaphor of someone pressing a camera to the judge's window, and shooting pictures of the library through the gauze curtains. It was rude and inappropriate, whatever we might think of Kozinski as a judge. It was a privacy violation, and yes, a form of trespass. Perhaps somewhere in there it shows some hypocrisy, but privacy advocates who cheer showing someone's hypocrisy by violating their privacy are hypocrites, too. (I am not accusing any specific people of this hypocrisy, I'm making a point.)
As Lessig and others have noted, nothing Kozinski did was illegal. Even in the case of his having MP3s, this was not illegal nor infringing, given what we know. It is completely legal in the US to make MP3s from your other media. It is not legal in the UK, nor in other countries, but he's not a judge there. It's also not infringing to set up a private server for family and friends.
RIAA, the MPAA, and other alleged defenders of intellectual property frequently deny that these things are legal, but if someone wants to show Kozinski's hypocrisy by taking up those arguments, they're essentially carrying RIAA's and the MPAA's water. This may be hypocrisy itself, if the people wanting to play gotcha consider themselves anti-RIAA/MPAA. It might also be simple stupidity, too. The media companies often and repeatedly advance opinions that, if there were any reasonable regulation of lawyers, would get the media lawyers disbarred. Bringing those cracked opinions to bear against Kozinski only gives them credibility they do not otherwise have.
The one place I do wish to take issue with Zetter's article is this:
On a separate note, the ABA Journal, a publication of the American Bar Association, has a good story today that examines the MP3 issue, noting that Kozinski wrote the dissenting opinion in a copyright case last year in which he sided with the copyright holder in saying that credit card companies that process payment for material that violates copyright should be liable for facilitating illegal sales of copyrighted material. This would imply that if it turns out that Kozinski's site was making MP3 files available for download, he would consider himself liable for facilitating the illegal trade of copyrighted material.
I'll again note that I think I'm disagreeing with the ABA Journal, not with Zetter's remarks on it.
No, this doesn't imply that. The Home Recording Act specifically allows one to time-shift content, media-shift content, and to share that content with family and friends. If Kozinski's son implemented an el-cheapo equivalent of a Slingbox or iTunes Music Sharing and there were bugs in that implementation that let a clever person make unauthorized, infringing copies of the Kozinski Clan's media, that's an embarrassment. I am quite certain that Kozinski fils and père are quite properly embarrassed now. Unless we're going to move from carrying the RIAA's water to insisting on software liability for amateur programmers (won't the FOSS crowd love that), then let's let it drop.
Freedom isn't doing what you want, freedom is defending people you disagree with. I actually don't know if I disagree with Kozinski. I do know that I agree with Lessig. Privacy is an important right, and an intrinsic right. Everyone is deserving of privacy, even judges.
Woody Guthrie said that some will rob you with a six-gun and some with a fountain pen. It is not as euphonious to note that some will hack you with Metasploit and some will hack you with Google, but it's no less true. I'm not going to stretch that metaphor much further, but I will note that the technological difficulty of an act doesn't change its character. There's good hacking and bad hacking. It isn't good just because it was easy. Conjuring up dirt on a judge with an easy hack is conjuring up dirt on a judge. Here's Lessig:
Now imagine ... some disgruntled litigant ... finds some stuff that he knows the local puritans won't like. He takes it, and then starts shopping it around to newspapers and the like: "Hey look," he says, "look at the sort of stuff the judge keeps in his house."
I take it anyone would agree that it would outrageous for someone to publish the stuff this disgruntled sort produced. Obviously, within limits: if there were illegal material (child porn, for example), we'd likely ignore the trespass and focus on the crime. But if it is not illegal material, we'd all, I take it, say that the outrage is the trespass, and the idea that anyone would be burdened to defend whatever someone found in one's house.
Lessig spoke of illegal material. An infringing MP3 is not illegal material. Infringement is not theft, but even if it were, a stolen Rembrandt is not kiddie porn. Lessig understands that and that's why he picked the exception he did.
I'm one of Lessig's anyones. It is outrageous to violate this person's privacy and trump up their personal quirks (like thinking they can save a few bucks and write their own media server) into imagined crimes. If you believe in the right of privacy as a fundamental human right, then you should be outraged, too. We are all deserving of privacy. Even judges. Even judges who defend copyright. Even judges whose sons write buggy software.
Those of us who believe in the right to control the media we legally have in the way we see fit, not the way the media companies see fit should be defending Kozinski. Those of us who believe that creating software should be an unencumbered right should be defending Kozinski. We need to remember which side we're on. It's the side of liberty, not control.
One of the curious features of Quantum Cryptographers is the way they harumph at mathematics. "Don't trust that math stuff, you should trust physics."
It's easy to sneer at this attitude because physics has traditionally gotten its cred because of its foundations in math. Physicists are just mathematicians who don't squick at canceling dxes. Quantum people had a hard time for a while because some of their math ended up dividing by zero, which squicks many people even more than canceling differentials. Feynman got around that with some clever drumming and some pictures, but I sneer at the Quantum Crypto lack of respect towards mathematics every chance I get.
On the other hand, some of their attitude is justified. A few months ago, I shut up a cryptographer who was railing about the stupidity of religious people by saying, "Oh, yeah? Well, there's no proof that factoring is hard. You're taking that on faith. Intelligent Design, RSA, what's the diff?" just because I hate all forms of certainty.
And so it is impossible to hide the smile on my face as I point you to the arXiv blog entry, "How to build a quantum eavesdropper" in which physicists Yuta Okubo, Francesco Buscemi, and Akihisa Tomita describe an experiment in how to create a quantum eavesdropper on quantum cryptography. The paper is here.
No word on when they're going to propose to the ESA to do the experiment on the ISS.
The xkcd comic is "Purity" by the talented Randall Munroe.

The Telegraph reports in "Hats banned from Yorkshire pubs over CCTV fears" that
Pubs in Yorkshire have been ordered to ban people from wearing flat caps or other hats so troublemakers can be more easily recognised.
And in other news this weekend, MPs have stamped their little feet insisting that Britain is not a surveillance society.
Photo "flat cap Harry" by theolip.

You may have seen this article from the India Times, "Govt may get keys to your BlackBerry mailbox soon." Many people have been commenting on it, and the hand-wringing should build up to a good storm in a few days.
The gist of the article is that the Indian Government has told RIM that if they can't read BlackBerry email, they might just ban all BlackBerries from India, and that RIM is caving.
Being the sort of person I am, I called someone who actually knows something. I can't tell you anything more, precisely because they actually know something.
What I was told is that this is complete FUD and false. The BlackBerry crypto is real crypto, just like SSL, PGP, S/MIME or anything else. The keys are generated on the handsets and on the BES server. There is end-to-end crypto, using real protocols like SPEKE. RIM doesn't have the keys to give. RIM cannot give the keys over because only the devices have them.
Of course, as is true in all hatchet jobs, the lead is with weasel-words:
In a major change of stance, Canada-based Research In Motion (RIM) may allow the Indian government to intercept non-corporate emails sent over BlackBerrys.
See that? It's the word may.
Here's my own text, which I know may be true because I just may have made it up:
In a major cryptographic breakthrough, Canada-based Research In Motion (RIM) may soon put quantum cryptography in all new handsets, preventing any interceptions, because it's well, you know, quantum, and quantum is cool.
Or this:
In a major scientific advancement, Canada-based Research In Motion (RIM) may have accepted an order for 10 million BlackBerrys from space aliens living on Epsilon Eridani. A faster-than-light (FTL) email relay server may be installed at Barnard's Star as part of this groundbreaking, er, space-breaking agreement.
And even:
In a major economic development, Canada-based Research In Motion (RIM) may have purchased the Large Hadron Collider from CERN. According to officials close to the development, Canadian High Commissioner David Malone may have approved the deal not merely despite, but actually because of the chance that the LHC could create a small black hole that would devour all of France. "Canada is just fed up with the pointy-lips in France making fun of their accents and may have decided to take proactive action. Details on this one will be provided in two or three weeks," sources close to the deal may have told Emergent Chaos. No comment was available from the United Nations at posting time.
May, while a merry month, may also be the tool of liars.
RIM, I know you're reading this, not only because we are one of the top 25 blogs, and not at all because we speak for the President of the United States, but because Adam used to live in Montréal and is no pointy-lips. Please, please give us a definitive statement. You have to call bullshit on this sort of thing before it becomes destructive.
I know and you know that there would be no better publicity for you than to call their bluff and say, "D'accord, pas des mûres pour vous." We would all cheer. BlackBerry sales will soar.
He digs deep into how extensively TransUnion outsources, and where. I went looking, and was surprised to see that their privacy policy is at least honest. They make no claim that they care about your privacy, nor any that they apply the highest standards of security to your information.
Use of CCTV images for court evidence has so far been very poor, according to Detective Chief Inspector Mick Neville, the officer in charge of the Metropolitan police unit. "CCTV was originally seen as a preventative measure," Neville told the Security Document World Conference in London. "Billions of pounds has been spent on kit, but no thought has gone into how the police are going to use the images and how they will be used in court. It's been an utter fiasco: only 3% of crimes were solved by CCTV. There's no fear of CCTV. Why don't people fear it? [They think] the cameras are not working." (BBC, "CCTV boom 'failing to cut crime.'")
Blogosphere analysis: Schneier, Stoddard.
Our thought? Their chocolate ration needs to be increased to 20 grammes. Action this day.
Image credit: Emergent Chaos
How much do you make? How surprised would you be to learn that your magic number had been posted on the Internet by the government? And that it was not by mistake, as in other recent breaches of privacy.
("How Much Do You Make? The Nation Already Knows.")
The data has already been removed from easy web access at the official site. Bloomberg's report indicates that it wasn't simply posted to the web, but offered up as spreadsheets:
A ministry Web site was bombarded by Italians curious to see what their neighbors or favorite actors declared as income, making it often impossible later in the day to download spreadsheets with the name, date of birth, total income and amount each taxpayer paid.
If anyone knows where the mirrors are, please share.
I ask not out of prurient interest, but because it's not so easy as taking data off the website.
As part of its regular "risk management" service, which provides screening, tracing, and identity and background checks on potential clients or trading partners, MicroBilt will now offer a "watch list" service that checks these individuals against 63 different lists from 35 sources, including OFAC, the FBI, and Interpol, Bradley says. ("Companies May Be Held Liable for Deals With Terrorists, ID Thieves", DarkReading)
I say more than 63 because some unknown number are secret. The poor souls who find themselves on these lists have, in essence, no recourse. Convincing 35 or more agencies that their presumption of your guilt is incorrect might, in theory, be possible. In reality, the agency has no reason to do anything but drag its feet: there are no penalties to them for declaring you guilty. In contrast, a failure to put your name on the list risks them not having prevented you from your future thoughtcrime.
But there's hope. And it's not in MicroBilt's stock price (MicroBilt is a subsidiary of First Advantage). Rather, it's in the courage of a judge, who ruled that any American who has been routinely detained because they are on a watch list knows that they are on a list, and thus the government's 'State Secrets' privilege isn't applicable:
since the government admits it has stopped the six men and two women more than 35 times, federal Magistrate Judge Sidney Schenkier of the United States Northern Illinois District Court dismissed that argument. Instead he found that the government "failed to establish that, under all the circumstances of this case, disclosure of that information would create a reasonable danger of jeopardizing national security." ("Court: Government Must Reveal Watch-List Status to Constantly Detained Americans," Wired's excellent 27B-6 Mk IIa blog)

Banksy has done a wonderful service. The well-known artist has given us delightful commentary on surveillance.
Better than that, he did it in a site above a Post Office yard in London (Newman Street, near Oxford Circus), behind a security fence and under surveillance by CCTV. His team erected three stories of scaffolding on Saturday, did their work, and removed the scaffolding on Sunday.
The Daily Mail has photos that include the CCTVs overlooking the work.
Photo courtesy of Herschell Hershey's photostream.
I'm breaking blog silence to report on an amazing decision out of the DC Circuit holding that the federal Privacy Act's requirement that Plaintiffs show actual damages does not require pecuniary harm but can be met by a showing of emotional distress. Am. Fed'n of Gov't Employees v. Hawley, D.D.C., No. 07-00855, 3/31/08.
Links: Her post, "Am. Fed'n of Gov't Employees v. Hawley.pdf."
[T]he plaintiffs' alleged injury is not speculative nor dependent on any future event, such as a third party's misuse of the data, the court said. The court finds that plaintiffs have standing to bring their Privacy Act claim.
This follows the Supreme Court's holding in Doe v. Chao, 540 U.S. 614 (2004) that a plaintiff must prove actual damages to succeed on an alleged Privacy Act violation, however in that case, the court never defined "actual damages."
I think this is a fascinating decision. The assertion that privacy damages are primarily financial is a very narrow one. We have already entered an age in which information is widely understood to have great value. Much of that value derives from a mind-numbing array of intrusions on seclusion, and allows for action on a poor shadow of what we used to call reputation.
As the value and use of that data grows, the costs and risks of abuse or negligence in the gathering, storage or application of that data also grows. There's every reason to expect that the law will find a way to sort out those torts.
At the International Association of Privacy Professionals meeting last week, I had the pleasure of meeting Wendy Richmond.
"Richmond is intrigued with the ways in which we share our public space. Some of us create invisible buffer zones for quiet reverie; others enhance or negate reverie through portable technology like iPods, cell phones and laptops. These zones become the subject of her videos and stills. Satisfying in both form and content, they are psychologically riveting, intentionally beautiful, and surprisingly witty portraits of our private lives lived publicly." (From "Public Privacy" site.)
I think it's tremendously cool to add an artist and their art to a business conference. Too often, we find ourselves focused entirely on questions such as cost of compliance, or forthcoming regulation. Bringing in new and different perspectives may be uncomfortable or challenging, but it's important to remember the people for whom we're doing this work.
I'd encourage anyone running a conference to consider bringing in artists whose work touches, even tangentially, on the subject at hand.
Who knows, you might have some chaos in an otherwise too-well-oiled machine.
Photo: Wendy Richmond, photo with Adam's cell phone and permission.
The Washington Post reports:
The State Department said last night that it had fired two contract employees and disciplined a third for accessing Sen. Barack Obama's passport file.
Obama's presidential campaign immediately called for a "complete investigation."
State Department spokesman Tom Casey said the employees had individually looked into Obama's passport file on Jan. 9, Feb. 21 and March 14. To access such a file, the employees must first acknowledge a pledge to keep the information private.
The employees were each caught because of a computer-monitoring system that is triggered when the passport accounts of a "high-profile person" are accessed, he said. The system was put in place after the State Department was embroiled in a scandal involving the access of the passport records of then-presidential candidate Bill Clinton in 1992.
"The State Department has strict policies and controls on access to passport records by government and contract employees," Casey said.
The department uses contract employees to help with data entry, customer service and other administration tasks. The employee involved in the March 14 incident has only been disciplined so far, because the probe of that incident is continuing, an official said.
My translation is that the State Department, "in order to serve you better", violates the principle of separation of privilege and allows individual contract call center people to access the passport data for everybody in the country. Then, after a high-profile person has his privacy grossly violated (they ran Clinton's file because of malicious, false rumors he renounced his US citizenship during the Viet Nam era), they put in detective controls (not preventative -- too obvious), but these only work for important people.
Nice.
Luckily, Bill Burton, spokesman for Senator Obama, has a keen grasp of the issues:
"This is a serious matter that merits a complete investigation, and we demand to know who looked at Senator Obama's passport file, for what purpose, and why it took so long for them to reveal this security breach."
One way to learn some of that, as I am sure Mr. Burton's boss knows, is to get a decent national breach notification law.
While State may have been slow, they did the right thing, and canned the violators. Nothing reinforces a security policy better than a public execution, and nothing undermines one more effectively than blatant non-enforcement. With recent privacy breaches affecting not just semi-celebs like Presidential candidates, but also really important people, making sure that punishment is swift and sure seems like an obvious way to "incentivize good behavior".
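The gap between a monitor that fires only for "high-profile" files and a need-to-know check that covers every file can be shown in a few lines. This is an added example, not code from the original post or from any State Department system; the employee ids, record ids and the assignment table are constructed, and tying each access to an open work assignment is an assumption about how need-to-know would be modelled.

```python
from dataclasses import dataclass
from datetime import date


@dataclass(frozen=True)
class Access:
    day: date
    employee: str
    record: str


# Constructed sample data (assumption): one watch-listed record and a table of
# open work items saying which employee currently needs which record.
HIGH_PROFILE = {"rec-0001"}
ASSIGNMENTS = {("emp-17", "rec-0420"), ("emp-22", "rec-0001")}

ACCESS_LOG = [
    Access(date(2008, 1, 2), "emp-31", "rec-0001"),  # watch-listed, unassigned
    Access(date(2008, 1, 3), "emp-17", "rec-0420"),  # ordinary, assigned
    Access(date(2008, 1, 4), "emp-31", "rec-0777"),  # ordinary, unassigned
    Access(date(2008, 1, 5), "emp-22", "rec-0001"),  # watch-listed, assigned
    Access(date(2008, 1, 6), "emp-40", "rec-0555"),  # ordinary, unassigned
]


def vip_only_alerts(log, high_profile):
    """Detective control as the post describes it: alert only on watch-listed records."""
    return [a for a in log if a.record in high_profile]


def need_to_know_alerts(log, assignments):
    """Detective control for every record: alert on any access without an assignment."""
    return [a for a in log if (a.employee, a.record) not in assignments]


def missed_by_vip_rule(log, high_profile, assignments):
    """Unjustified accesses that the watch-list rule never reports."""
    flagged = set(vip_only_alerts(log, high_profile))
    return [a for a in need_to_know_alerts(log, assignments) if a not in flagged]


def read_record(employee, record, assignments, audit):
    """Preventive control: check need-to-know before returning data, and log both outcomes."""
    allowed = (employee, record) in assignments
    audit.append((employee, record, "allowed" if allowed else "denied"))
    if not allowed:
        raise PermissionError(f"{employee} has no open assignment for {record}")
    return f"<contents of {record}>"


if __name__ == "__main__":
    print("watch-list rule:", [(a.employee, a.record) for a in vip_only_alerts(ACCESS_LOG, HIGH_PROFILE)])
    print("need-to-know rule:", [(a.employee, a.record) for a in need_to_know_alerts(ACCESS_LOG, ASSIGNMENTS)])
    print("never reported:", [(a.employee, a.record) for a in missed_by_vip_rule(ACCESS_LOG, HIGH_PROFILE, ASSIGNMENTS)])
```

On the sample log the watch-list rule raises two alerts, one of them for a legitimately assigned employee, and stays silent on both unassigned reads of ordinary records.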
After weathering days of criticism from Germany over a spectacular tax evasion case, Liechtenstein — sometimes seen as the inspiration for the satirical novel from the 1950s about a tiny Alpine principality that declared war on the United States — is digging in for what may be a prolonged battle to defend its lucrative tradition of banking secrecy against what it views as attacks from a giant neighbor.
Of course, Germany and the other large nations would like to pretend this is about fraud, not competition for business. They'd like the smaller nations to harmonize their tax codes, and prevent the messy chaos of having to compete on their laws. Countries such as Liechtenstein offer alternatives, and act as a brake on the unfettered invasions of privacy that otherwise intrude on all our lives.
This isn't about Liechtenstein above all others, it's about diversity. It's about diversity in approaches to taxation leading to diversity of choices. It would be stereotyping to assert that the orderly Germans or the bureaucratic French don't like Liechtenstein solely because it's different. Really, it's because few governments have any appreciation of, or love for, liberty.
Governments and their employees focus on their goals and their (always enlightened) rules. This isn't about Liechtenstein putting itself above others, but allowing people to put their own self-interest ahead of that of the functionaries and bureaucrats.
Some chaos emerges, and we think it's a fine thing.
I was dismayed to learn that footage of Spitzer's (alleged) rent-a-babe "Kristin" performing in a class play while in elementary school has been featured at various web sites -- among them serious sites that should know better.
One could argue that this woman made her bed, and now she can lie in it (puns intended). That's fine. However, the child in that school play did not make any choices about it being immortalized digitally, and to bandy this footage about in the guise of news does violence to a part of "Kristin" -- her memories of a more carefree and innocent time -- the sanctity of which should be respected. It won't, of course, but we can at least recognize what could have been.
The New York Times claimed that the "Revelations Began in [a] Routine Tax Inquiry." I wish we had better insight into how true that is. In perhaps closely related news, "Fraud Police Buckling Under Mountains of Data." So what kicked off this routine investigation? Was it data or voyeurism?
What does a guy need to do to get a little privacy in this country, anyway?
Kim writes:
I personally think we are just beginning to understand what it would mean if everything we do is both remembered and automatically related to everything else we do. No evil “Dr. No” is necessary to bring this about, although evil actors might accelerate and take advantage of the outcome. Linkage is just a natural tendency of digital reality, similar to entropy in the physical world. When designing physical systems a big part of our job is countering entropy. And in the digital sphere, our designs need to counter linkage.
This has led me to the idea of the “Need-to-Know Internet”.
...
Our goal is that Minimal Disclosure Tokens will become base features of identity platforms and products, leading to the safest possible internet. I don’t think the point here is ultimately to make a dollar. It’s about building a system of identity that can withstand the ravages that the Internet will unleash. That will be worth billions.
On a personal level, I'm happy to be working with Stefan again, and look forward to what Microsoft and our customers will be able to achieve with this technology.
[Updated with some quotes from Kim.]
Dan Solove has an interesting article up, "Coming Back from the Dead." It's about people who are marked dead by the Social Security Administration and the living hell their lives become:
Dan starts with quotes from the WSMV News story, "Government Still Declares Living Woman Dead"
I'd propose a different solution: libel law. These organizations are making false and defamatory statements about people. They should be held accountable, under existing law.
According to government paperwork, Laura Todd has been dead off and on for eight years, and Todd said there's no end to the complications the situation creates.
Responsibility should be placed on every entity that maintains records to ensure that information is correct and that errors are promptly fixed. Moreover, when information is shared with others, the one sharing the information should have duties to inform the others of the error; and those receiving the data should have a duty to check for corrections in the data from the source....
According to a government audit, Social Security had to resurrect more than 23,000 people in a period of less than two years. The number is the approximate equivalent to the population of Brentwood.
...
Illinois resident Jay Liebenow was also declared dead. He said Todd is now more vulnerable to identity theft because after someone dies, Social Security releases that person’s personal information on computer discs. He said the information is sold to anyone who wants it, like the Web site Ancestry.com.
I've been discussing libel and the credit agencies for years, in posts like "Because That's Where The Money is: Ethan Leib's ID Theft" or "Government Issued Data and Privacy Law." I've yet to hear why libel law isn't a reasonable and easy approach to the problem. As Nick Szabo comments in "The Discovery of Law," "common law is a painstaking way of discovering and making better law, case by case, dispute by dispute, piece of evidence by piece of evidence." I'm not calling for a broad overhaul. I think that a common law approach to libel law would likely address many of our issues with the way data flows between organizations.

Last week, Siva Vaidhyanathan, of Sivacracy, released a new column in the Chronicle of Higher Education. "Naked in the 'Nonopticon'" has some refreshing thoughts on privacy and surveillance that I wish more of us on the security side understood better. His main themes are (in his own words):
1) Anyone who claims "young people don't care about privacy" doesn't understand that privacy is about control, not about whether we choose to reveal our sexual or consumer details in public forums.
2) We have at least four "privacy interfaces" and try to govern our details and reputations differently in each one. For instance, we regulate information about ourselves one way among friends and family, and a different way with Amazon or Google.
3) The "Panopticon" model of surveillance is stale and inapplicable to the current situation. We don't suffer from knowing we are being watched. We suffer more from the surveillance we are not supposed to see or understand -- such as the illegal domestic wiretapping in the United States.
Additionally, his reviews of Daniel Solove's and James Rule's new books make me wish I had more time to read in the next few weeks.
[Image from hawkinspi.com]
Our second series of three debates kicks off today and the first proposition raises important questions about civil rights and the trade-off between Privacy vs. Security. As a blogger and member of the community that The Economist aims to serve with this lively debate, we wanted to extend an invitation to you and the readers of Emergent Chaos to join the debate by blogging or commenting to the debate floor. (No subscription is necessary).
The debate: "Proposition: Security in the modern age cannot be established without some erosion of individual privacy."
Have at Mr. Livingstone, arguing for the side of order and no emergent chaos, or, if you must, Mr. Barr, on the side of truth, justice, and the American way.
On December 19th, Denebola, the student-run newspaper of Newton South High School, broke the news that video cameras had been secretly installed in their school. Not only were students and parents not notified of the cameras, but apparently neither were any of the teachers. From the student article:
According to Salzer, only he, Superintendent Jeff Young, Director of Public Facilities Mike Cronin, and a small security team were aware of the cameras. They did not inform faculty members, and the Newton Fire and Police Departments are not involved in their operations.
Boston.com is reporting that the school committee and the teachers union are asking why they weren't contacted or involved in this discussion.
Newton Teachers Association (NTA) President Cheryl Turgel is unsure whether the cameras violate teacher contract agreements or faculty privacy rights. The Newton Public Schools did not warn the NTA prior to the camera installation of their decision. While Turgel is not necessarily opposed to the Newton Public Schools using surveillance cameras to deter vandalism, she feels that the NTA should have warned of the installation.
While the Boston.com article ignores the issue of student privacy, the student paper does not:
Staff Attorney for the American Civil Liberties Union Foundation of Massachusetts Sarah Wunsch notes that, while the legalities of putting surveillance cameras in schools without notifying the public is a rather gray area, South’s installation is “at the very least, an awful thing to do.”
The one saving grace is that the cameras are not yet operational, apparently due to a software problem. When fully operational, the principal will be able to access the previous 31 days of footage on any of the cameras. I really hope (and seriously doubt) that a proper security audit has been done on this system to ensure that other people won't be able to remotely access this footage.
A surgeon who allegedly took a photo of a patient's penis during an operation at a US hospital is no longer working there, it has been announced. Dr Adam Hansen, of Arizona's Mayo Clinic Hospital, is accused of taking the snap while conducting gallbladder surgery earlier in December. (BBC, "US 'penis photo doctor' loses job.")
For a doctor to violate patient confidentiality like this is a stunning lapse of judgement. If he did what he's accused of, I hope the impact on his career lasts as long as the impact on his patient.
Oh, I tried, but couldn't find an appropriate picture to go with this post.
Life is about to get a lot more complicated for companies that do business in California. I completely missed this getting signed back in October, but on 10/14, the Governator signed AB1298, which updates CA1386 to mandate that medical and health insurance policy information also are to be treated as PII. To say that this is a huge quantity of information that now needs to be encrypted is an understatement. To make things even more challenging for companies that handle this sort of data, AB1298 goes into effect on January 1, 2008, so lots of folks are going to be scrambling to implement encryption or crossing a lot of fingers and hoping they don't have a breach before they can come into compliance. It will definitely be interesting to see who publishes a breach first and if these new breaches follow the trends of the breaches we've already been seeing with financially oriented PII. It should also be interesting to see if any of the other 39 states (and Washington DC) follow suit and if so, how long it takes for them to do so.
[via the IAPP and Rebecca Herold]

The Telegraph (www.telegraph.co.uk) is concerned that
The most senior British intelligence official, appointed yesterday to oversee MI5, MI6 and GCHQ, has a website revealing his home address, phone numbers and private photographs of himself, family and friends.
The upshot seems to be that the gent in question, Alex Allan, lacks the circumspection one would demand of a high-level intelligence official.
While the Telegraph is loath to reveal at which personal web site Mr. Allan wrote of his personal history -- including his love for the Grateful Dead -- a simple Google search locates it trivially. From what I saw there, the guy seems intelligent and cool. Perhaps some of the juicier bits have been removed, but much of what the Telegraph goes on about was easy to find, so I don't know.
Call me naive, but I think the value in seeing the head of a spy agency as a thoughtful human being outweighs the danger wrought by having his address known publicly.
[Photo credit, Ken Towner (via Alex Allan's secure undisclosed web site)]
Privacy in the EU has been hugely in the news in the last week. Check these out:
European Union justice ministers Friday agreed on a minimum set of rules protecting the cross-border exchange of personal data by law-enforcement agencies in the 27 member states. There were lots of other proposals discussed, including ones that mimic US Visit and datasharing of flight passenger information.
Data Protection Act doesn't ban parents filming the school play.
"I would expect that some five years down the road, we need to see some changes in the existing framework," said Hustinx, the European Data Protection Supervisor (EDPS). "Where? Not in the principles, although some parts perhaps need to be revisited, my emphasis would be we need more flexible arrangements to make it work better, to make it more effective."
The European Commission has published a plan to compel EU members to gather more information on air passengers travelling in and out of the EU in what it says is an attempt to combat terrorism. Of course, it's never that simple:
Statewatch editor Tony Bunyan said that the increased monitoring was unwarranted. "This is yet another measure that places everyone under surveillance and makes everyone a suspect without any meaningful right to know how the data is used, how it is further processed and by whom," he said. "Moreover, the profiling of all airline passengers has no place in a democracy."
Back on August 1st, the Office of the Privacy Commissioner of Canada, released guidelines for handling breach disclosures. Key Steps for Organizations in Responding to Privacy Breaches lays out the definition of a breach and a high level process for dealing with breaches, starting with containment, moving through assessment to notification and finally prevention of future breaches.
To assist with the process, the Commissioner also released the Privacy Breach Checklist which takes the guidance from the first document and reproduces it in an easier to follow format at the time of an incident occurring. This checklist in particular would be a great starting point for any incident response team dealing with privacy breaches.
The "gPhone" was announced today. I put gPhone in quotes, because there was no actual phone announcement. What was announced was the "Open Handset Alliance" and their toolkit, Android. They are
"...committed to commercially deploy handsets and services using the Android Platform in the second half of 2008."
and
"An early look at the Android Software Development Kit (SDK) will be available on November 12th."
This makes the announcement the biggest marketing anticlimax since the Segway. They're not announcing anything but a toolkit, and I don't even get to see that for a week. That week only increases the "WTF?" I keep murmuring. Yes, yes, there was this huge buzz surrounding gPhone/Android, but why are you leaving people like me with nothing to do but be snarky for a week, without having the code there? If the code were there, any comment I could make could be pushed back with the reply of, "go look at the SDK." Absent an SDK, I have to peer at what is on the web site, and what is there is anticlimactic, as there will be no phones for a year (or longer). It's less of an anticlimax than cold fusion, but that's not hard.
The parts of Android that aren't an anticlimax are downright frightening.
Some of that is harmlessly frightening. There are two videos on the OHA web page. One is of children talking about, "if I had a magic phone" and it is treacly and content-free. I, too, would love to have a phone that made me an astronaut, take me to the moon, make cupcakes with sprinkles as well as pizza, cookies, and peanut butter sandwiches, and help animals feel better. I would pass on the phone that turns into underpants, and if the gPhone Android does this, I'll stick to something else, thank you.
However, I believe we already have phones that take pictures, fit in my pocket, and have a keyboard. As a matter of fact, there is one of those in my pocket now. Those suggestions show the difference between being imaginative and innovative. Watch this video; I've inoculated you from needing a barf bag.
The other video is of a bunch of adults showing the same level of attachment to reality. The closing child remark is that a magic phone will do whatever you want it to and that is the theme of this second video.
The adults say some telling things. The video opens up with a sound check and a clapper, to let us know this is unfinished. Nick Sears and Andy Rubin's dog tell us about how this comes from thinking from Danger (who made the Sidekick) and T-Mobile, not Google. Despite what the paper of record has said, Google is nowhere mentioned. People who have been following the gPhone rumors know that Google bought the company, Android, that is now giving us the phone software, Android. The message, therefore, is that this isn't really Google, it's Android. They tell us that there is no gPhone, "what we're doing is enabling an entire industry to create thousands of gPhones."
So this is a committee-based, excuse me, alliance-based system. It's Linux and all the stuff like GTK toolkits. The tech lead, Brian Swetland, tells us that there will be "at least five people out there who read Slashdot, who will be all over that." I blinked when I heard that. Go watch the video for yourself. I didn't take that quote very much out of context. This is not a phone. It is an OS and toolkit. That's it.
The vision behind this non-announcement? Well, the kids want cookies, pizza and trips to the moon. The adults want a shared family calendar (ummm, doesn't the iPhone have that? Not having an iPhone, I don't know, but I thought it does), "keep track of my kids," "maybe some social thing," "my taxes," and "make me understand my wife better -- it would translate her thoughts" (this latter one coming from German Bauer, Experience Designer). Oh, man, I'm sure Jonathan Ive is kicking himself now. (Or maybe not. If you're an android, understanding humans you've married is hard. I think Mr Ive is simpatico with humans.) I finished watching that saying, "That's it? That's it? That's all you can think of?" It is harmlessly frightening because I'm frightened that so many smart people can have so little there.
Missing from the vision of children and adults alike is my vision of a magic phone. I want a magic phone that doesn't drop out every other word when someone calls me, and can display their name when they call, even if one of us is in a different country. My magic phone makes phone calls.
I loathe my present phone with a special white-hot passion because it has a GPS and can show me with Google Maps where I am to three meters, but it doesn't do the things that I think a magic phone should.
The seriously frightening parts of Android are in the text of the overview.
"All applications are created equal. Android does not differentiate between the phone's core applications and third-party applications. They can all be built to have equal access to a phone's capabilities providing users with a broad spectrum of applications and services."
or
"For example, Android enables developers to obtain the location of the device, and allow devices to communicate with one another enabling rich peer-to-peer social applications."
In other words -- there's no security. Nowhere on the Android web site does that word appear. But they do flat out have as their vision tracking people. The architecture proudly enables geo-targeted ads, malware, bots, spyware and so on. The designers tell us they don't understand their spouses and want to track their kids before they tell us.
"Android breaks down the barriers to building new and innovative applications. For example, a developer can combine information from the web with data on an individual's mobile phone -- such as the user's contacts, calendar, or geographic location -- to provide a more relevant user experience. With Android, a developer could build an application that enables users to view the location of their friends and be alerted when they are in the vicinity giving them a chance to connect."
Gosh, thanks. Eesh.
The clear winner in this announcement is the collection of Apple, Microsoft, Symbian, and RIM, who should see no threat in a committee whose vision is to deliver things that you can get from the iPhone, N95, or other present smartphones. The clear loser is OpenMoko. Sorry, guys. You're dead. Someone else has a Linux phone with no apps, and a bigger marketing budget. They're also smart enough to flee from Copyleft and the GPL. They are using Apache licensing, so they are more open than you. I recommend switching to delivering Android on your hardware for those "five Slashdot readers."
If the winners want to kill Android, they can, easily. Let's suppose that Apple said that Android-compatible apps would work on iPhone 2, or Microsoft said the same thing about the next version of Windows Mobile. Much of the reason for considering Android to be separate would vanish.
Fortunately, we the humans who use phones do not appear to have any threat from the androids, because sometime next year they're going to deliver this year's smartphone.
I asked Bob Blakley and Mike Neuenschwander some questions about Limited Liability Personae. Rather than focusing on the implementation, I wanted to talk about the high level purposes, as well as concerns that most people have with the idea of a persona. Whenever I discuss personae, there are issues that frequently come up, for example:
Mordaxus: What do you have to hide? That's the obnoxious way to ask why one needs a persona. What problem does a persona solve? Is there another way to do this?
Bob Blakley: It has nothing fundamentally to do with "hiding". It has to do with compartmentalizing risk.
There's no good reason getting my social security number stolen should result in my bank account getting cleaned out and my credit record being polluted. This only happens because I have to "invest" my bank account in a transaction (and hence put it at risk) every time someone asks for my SSN. If I have a persona which has its own ID number and a separate bank account with a limited amount of my money in it, when I engage in a transaction I only have to put "as much of my resources and information as necessary" into the transaction. This means that my other resources (the ones I "hide") do not have to be exposed to thieves and other bad actors.
One can of course use a persona to adopt a personality other than the one used at work or socially. This can be destructive (as when it's used to perpetrate fraud or otherwise deceive) or constructive (as when one builds an interesting character in an online game, or constructs a persona as an artist, and so on).
Mordaxus: Won't this just let people run amok? Many people think that "anonymity" (which I put in quotes because it includes pseudonymity to these people) is the root of many evils. I disagree and think it is a lack of accountability. It doesn't really matter, though. How will personae make the situation better for anything from identity theft, to paying one's bills, to politically-motivated Wikipedia edits?
Bob Blakley: An LLP isn't anonymous, and it is accountable. The government agency which creates it requires a registration process. If something socially harmful is done using the LLP, the normal legal process can be used to associate the LLP with its owners (in fact ownership is usually public information). But as long as the law is followed, the liability incurred by the LLP does not transfer to the owners, and the owners can shield their "real" identities from transaction partners as long as they follow the law and the rules of LLC operation.
Regarding Wikipedia edits, assuming for the moment that there is actually a problem with them, an LLP is not designed to prevent politically-motivated activity of any kind including edits, and, as noted above, it's not designed to be a vehicle for unbreakable anonymity.
Mordaxus: How will it actually protect me? This comes back to asking what a persona is actually good for.
Bob Blakley:Liability limitation is what LLCs are all about. The fundamental notion of the corporation is that it allows individuals to invest some of their resources in an enterprise which might sustain significant losses, without putting at risk resources which are not invested in the corporation.
Today the liability-limitation (and taxation) benefits of incorporation are enjoyed by business enterprises and the wealthy, but mostly not by private citizens who are not wealty. The LLP proposal is essentially intended to provide the risk-management benefits today enjoyed by the rich to everyone.
Mike Neuenschwander: Good questions. I know Bob already took the bait on this one, but I'll add a little more in the way of theoretical background. First, persona building is an important human activity. In everyday experience, it's easy to perceive the self as a unified, fixed, separable identity, but that's not the case at all. (The philosophical / scientific discussion of the topic can be found here.) When you probe the idea of self a bit deeper, you realize that people construct personas for nearly every relationship they engage in. They do this to fill a role that the relationship requires. Personas help set expectations among participants in a relation, provide protections for participants, and set parameters for behavior. Personas also "instruct" participants on how to behave. Role playing an archetypal character is an efficient method for humans to disseminate wisdom throughout society and across generations.
In the natural world (vs the online world), mechanisms exist to place costs on the creation of personas, so people can't create an indefinite number of them. The natural world also makes it costly to shed personas or to defect from relations and society. In other words, there are natural processes in the natural world for keeping the system in check. In the digital world, they're woefully sparse. We have "emoticons" (which emote individuals' feelings) but we need "social emoticons," which promote empathy, reciprocity, and trust among individuals.

"We are committed to testing technologies that improve security while protecting passenger privacy," said TSA administrator Kip Hawley in a statement. "Privacy is ensured through the anonymity of the image: It will never be stored, transmitted, or printed, and it will be deleted immediately once viewed." (Emphasis added)

Hey Kip, precisely how do images go to a remote location to be viewed without being transmitted?

Ensuring privacy, as the TSA describes it, involves having security officers view images from remote locations. Thus, the security officer cannot identify the passenger, visually or by some other means, but can send word to fellow officers if a threat is detected.
Call Congress and ask why TSA is allowed to outright lie to people.
There's other good analysis of the proposal in the Information Week article. I simply wanted to comment on the obvious inconsistency in what TSA is claiming.
Good commentary and context at Threat Level, "Howto: Check Your Homeland Security Travel File."
...airport police Sgt. Dave Karsnia, who was investigating allegations of sexual conduct in airport restrooms, went into a stall shortly after noon on June 11 and closed the door.

"Idaho Senator Says He Did No Wrong."

Minutes later, the officer said he saw Craig gazing into his stall through the crack between the door and the frame.
After a man in the adjacent stall left, Craig entered it and put his roller bag against the front of the stall door, ''which Sgt. Karsnia's experience has indicated is used to attempt to conceal sexual conduct by blocking the view from the front of the stall,'' said the complaint, which was dated June 25.
My first thought on hearing this was that Sgt. Karsnia clearly flies less than I do, because there's no place to put your bag other than against the stall door, and important TSA security advisories tell you not to leave your luggage unattended.
Now, I don't know about you, but I'm worried about the police in our airports. They just might not have enough to do. Odds are good that Karsnia was deployed to the airport to watch for terrorists, and other serious threats. That there were no visible terrorist threats makes it easy to re-deploy him to things that people might be complaining about, like perverts in the bathrooms.
When we add additional "behavior detection officers" ("that's right, your honor, he was behaving"), what's going to happen? They're going to detect freaks and hippies and peace protesters.
A major problem with secret rules is that they tend to come to reflect prejudices of the day, such as those against gays. A problem with very low frequency problems is that it's hard to stay focused on them, rather than the pervs in the bathroom.
It seems odd to me that people have sex in airport bathrooms. You have to go through security to get there, and other people will be walking in. But if there are complaints of people having sex in the bathroom, the right solution would be to have a bathroom attendant, not a cop. (As Kip Esquire points out.)
[Updated: struck the word "self" before "important TSA security advisories" and corrected "Senators" to "perverts." Emergent Chaos apologizes for the chaos.]
Auto body repair shops in British Columbia are complaining to the province's privacy commissioner about the public auto insurer requiring that the shops hand over customer credit card information in the course of routine audits.

David Fraser, "BC auto body shops object to auto insurer's credit-card policy," quoting the Vancouver Sun.

The complaint, obtained by The Vancouver Sun, says the disclosure without written consent is "clearly unlawful."

"It's of concern to us," said Gerry Preddy, vice-president of the association. "We've had examples of files being lost [by ICBC]."
John Mackey took a different approach. He didn't blog, but engaged in conversation on a message board about his company.
I think it's a good thing to be able to hear from CEOs shedding their spin, from journalists freed of their need for access, and everyone else who wants to put forth their own words to stand or disappear on their own strength.
Fake Steve is a little less interesting since the unveiling. The posts about immortality were a nice touch, but, I thought, over-wrought.
Now that anonymity is no longer possible, there has been a huge decline in the number willing to donate. So more patients travel for treatment to countries where anonymity is still legal. If this new proposal is implemented, it may give such “fertility tourism” a further boost. It may even compound the problem that it purports to solve and encourage parents to reveal still less.
In the meanwhile,
Photo is "Dan Perjovschi´s installation at the Moma, NYC" by Tibau1.
The assessment of the Federal Criminal Police Office (BKA) according to which biometric visual-image search systems are not advanced enough to be used by the police to search for persons has led to mixed reactions. The Federal Criminal Police Office presented the fairly sobering research results of its visual-image search systems project on Wednesday in Wiesbaden. Given the present state of the technology the system was unfit to be deployed, the Office concluded.

"Mixed reactions to the facial-features recognition technology project of the BKA" at Heise online.
For the last several years, Microsoft has worked with the Privacy Enhancing Technologies community to support a prize for the best work done in the field. I've been involved as a member of the selection committee, but when I joined Microsoft, I stepped away from that. It's important to us that the prize is independent. This year, I MC'd a short ceremony, in which we announced that the award went to
"Security Analysis of a Cryptographically-Enabled RFID Device," by Steve Bono, Matthew Green, Adam Stubblefield, Avi Rubin, Ari Juels and Michael Szydlo. (USENIX Security Symposium, July-August 2005)
Michael Szydlo was on hand to accept the award. The nice crystal is provided by the Ontario Privacy Commissioner's office.
Caspar Bowden, chief privacy advisor for Microsoft Europe, Middle East and Africa, says, “Any peer-reviewed paper published in the preceding year is eligible for nomination for the PET Award. We wanted to support a prize that was judged by leading privacy technologists, for leading privacy technologies. It’s a great way for the best researchers from a variety of fields within privacy research to recognise and support the exceptional technical work of their peers.”

The press release is "Microsoft Helps to Promote Privacy With Award Sponsorship"
I currently love my mortgage company. Those that know me in real life know that I recently bought a house. Yesterday, I received a privacy notice in the mail from them. I figured it was the standard template that everyone uses saying that if I didn't want my information shared, I should call them up/email them/fill out the stupid little form and mail it to them. I was pleasantly surprised however to discover that in fact they were doing the exact opposite. The letter was actually an opt-in for data sharing. I really love it when companies make things easier for me. Interestingly, their posted privacy policy claims that the opt-in is only for residents of California and Vermont and I'm not living in either of those states. So I guess they've expanded their process beyond those states. Regardless of the reason, I appreciate the way these folks have done things.