Mobile Device Privacy Act: The Good the Bad, and the Ugly

On Monday, January 30, Congressman Edward Markey (D - Massachusetts) has proposed a draft bill called the Mobile Device Privacy Act (pdf). The bill was designed to respond to situations like the Carrier IQ debacle, where a researcher determined that mobile phones were sending vast amounts of data without the user being aware of the transmission. Carrier IQ hit that researcher with a cease and desist order, and later claimed they weren’t sending personal information. There are some strong aspects to the bill and one major potential drawback.

The Good:
The first thing to celebrate in this bill is the definition of monitoring software:

MONITORING SOFTWARE. The term ‘‘monitoring software’’ means software that has the capability automatically to monitor the usage of a mobile telephone or the location of the user and to transmit the information collected to another device or system, whether or not such capability is the primary function of the software or the purpose for which the software is marketed. 

This definition includes both usage of the phone and location, and the key phrase - "whether or not such capability is the primary function". This language is valuable in protecting privacy because it leaves very little wiggle room when defining "monitoring software".

The policy is also extensive; it covers every entity I could think of in the mobile phone ecosystem including:

1. Businesses selling phones to consumers
2. Service providers both when the customer is first signing a contract and after a contract is signed - no sneaky downloads or "upgrades"
3. Manufacturers of phones and phone operating systems 
4. And a person or company who operates a website, or other service that allows users to download monitoring software - app developers on services like Itunes and Android market would be covered here.

The section covering information disclosure also covers most of what a privacy advocate would hope for. Companies are required to disclose to consumers the fact that monitoring software is installed or that the software being downloaded is "monitoring software". This disclosure includes the types of information the software is capable of transmitting, the identity of the person or entity the information will be transmitted to, and how much of the information will be "used".

The policy also requires information security practices to be in place to protect these sensitive data. The requirements include an information security policy, a named, individual responsible for security, a vulnerability management program, and a record destruction program.

Enforcement will be the responsibility of the FTC, and it has teeth; the FTC can require a change, impose $10,000 per day fine for non-compliance, and impose an injunction.

The Bad and the Ugly:
This could easily become an addition to the click-wrap agreements we all already ignore. Rather than imposing limitations on the collection of data, this bill allows companies to collect whatever they want, even if they aren't using it. Simply add another section to your 500 page click through agreement and you are covered. In all fairness, a few geeks, like myself, will read the thing and report back to the rest of the world, but what choice does this leave us? If you want the software, you will agree to the collection of data - even if those data have nothing to do with providing the service.

The last, and biggest, most intractable problem - third party disclosures aren't mentioned at all. If we impose a law that makes it slightly more difficult to collect personal information, we are effectively increasing the market value of that information. Making consumers aware of the collection of these data is a great first step. If the collecting companies can then sell or share those data to other third parties, our ability to control our personal information is exponentially diminished.
A clause that requires companies deploying monitoring software not to disclose or sell it to any other company would be a revolutionary shift in U.S. technology policy and our IT economy, but I had to bring it up.

Image courtesy: http://www.flickr.com/photos/garryknight/
Article first published as Mobile Device Privacy Act: The Good the Bad, and the Ugly on Technorati.

1/31/12 Morning Coffee: New Mobile Phone Privacy Law, Twitter Jokes Get Tourists Arrested and More!

Stories about privacy, new technology and the social implications of computing gathered from around the web:

Policy

• New mobile phone privacy law proposed by Edward Markey (D - MA) partially in response to the Carrier IQ debacle.

Software

• Some tips for companies providing location based services - like treat LBS data as sensitive data and get user permission

Social Media

• British tourists arrested trying to enter the U.S. after Tweeting they were going to destroy America and dig up Marilyn Monroe
• LinkedIn 277% better than Facebook or Twitter for lead generation
• Twitter's Dick Costolo says they don't need Google, they are growing at incredible rates since Google didn't renew their sharing deal. 40% of Twitter subscribers don't tweet "they just consume" (or create an account and walk away?)

Twitter's Country Specific Censorship May Be Good for Human Rights

Twitter announced a new censorship policy recently that would allow the company to block Tweets on a country by country basis. If, for example, Germany wanted to block a Tweet it believed violated copyright, that Tweet would only be made unavailable to Germans. Twitter will block Tweets in a country "In the face of a valid and applicable legal order."

This new policy initially met with negative reaction, including calls for protesting Twitter on January 28.

Some are saying the new policy is actually one of the best ways a global social media company can protect free speech. Twitter has been required to remove offending material for some time, DMCA complaints in countries like the U.S. are one easy to understand example. Once removed, these Tweets are no longer available to anyone. The new policy would allow Twitter to block offending content in only the country that is complaining about that content, based on IP address.

Here is where most supporters agree that Twitter has gone above and beyond in this new policy. While the Tweet is removed from the new country, it is listed on a new section of the chilling effects web site - www.chillingeffects.org/twitter . This action essentially allows the rest of the community to be aware not only that the Tweet was removed, but the content of the Tweet. Tracking the actions of oppressive regimes would be possible with this type of scheme.

In addition, Twitter has shared information on how to circumvent it's blocking policy by manually changing your country setting, essentially associating your IP address with a different country.

This has led one well-respected blogger to comment "In this particular policy, Twitter has done everything it can do to help free-speech advocates around the world except deliver coffee and bagels in the morning."

The devil is in the details, so we will need to wait and see how Twitter implements the policy and whether oppressive regimes block the site entirely because of the easy circumvention and public awareness of censorship.



Article first published as Twitter's Country Specific Censorship May Be Good for Human Rights on Technorati.

1/30/2012 Morning Coffee: A Look Inside A Chinese Factory, Teens Migrating to Twitter, and More!

Stories about privacy, new technology and the social implications of computing gathered from around the web:

Gadgets

• Mr. Daisy goes to China - This American Life on NPR has a few stories investigating life in Chinese factories.

Social Media

• How the Peace Corps uses social media to build community online
• Good read on Twitter, Democracy and censorship
• Thailand first to use Twitters censorship policy
• More teens using Twitter b/c it is more "private" - easier to set up, don't need to use your real name, and you can have multiple accounts

1/27/2012 Morning Coffee: Hawaii Wants to Track Web Activity for Two Years, Congress Can't Change ACTA and More!

Stories about privacy, new technology and the social implications of computing gathered from around the web:

Privacy/Surveillance

• Personal data worth $50 - $5,000 per person to Google advertisers?

Policy

• Hawaiian bill will track users web history for two years
• Issa says Congress can't change ACTA:

As a member of Congress, it’s more dangerous than SOPA. It’s not coming to me for a vote. It purports that it does not change existing laws. But once implemented, it creates a whole new enforcement system and will virtually tie the hands of Congress to undo it.

Social Media

• Twitter will censor tweets in certain countries, if asked by those governments. Twitter blackout time?
• What happens to social media content after death? Uniform laws are being drafted to figure out.

1/26/2012 Morning Coffee: New European Privacy Law has Teeth, Canada Considers SOPA and More!

Stories about privacy, new technology and the social implications of computing gathered from around the web:

Privacy/Surveillance

• Amateur UAV pilot exposes a river of blood from a meatpacking plant in Texas

Policy

• Wikileaks cable reveals U.S. role in establishing an Australian precedent for holding ISPs accountable for copyright infringement. 
• New EU privacy law replaces multiple, distributed laws, requires data privacy monitors, 24 hour breach reporting and significant fines for data breaches. Most importantly, users will have the right to have their data deleted, and service providers will be required to hand over any data they collect on users.
• Canadian policy might mirror SOPA, after behind the scenes influence

Social Media

• Judges try to limit the influence of social media on jurors

Gadgets:

• Some cool car tech - MIT Media lab has a car that will fold up when you park it:

Fully enclosed Segway - so full of collision avoidance tech, you can sleep in it on the way to work

Supreme Court Restricts Use of GPS Surveillance

The Supreme Court decided (pdf) on Monday that attaching a gps tracking device to a suspects car (or his wife's jeep, in this case) without a search warrant constitutes a violation of the Fourth Amendment of the Constitution, known as an unreasonable search and seizure.

The case involved Antonie Jones, a nightclub owner and reputed cocaine dealer. Police had obtained a warrant to install a gps tracking device on Jones' Jeep. They had ten days to install the device within Washington D.C., they installed it on the eleventh day in Maryland, so the warrant did not cover their action. Mr. Jones was convicted, and The United States Court of Appeals for the District of Columbia Circuit overturned the conviction saying the 28 day tracking of Mr. Jones without a search warrant constituted an unreasonable search and seizure.

The most interesting part of the case is the discussion of why gps surveillance is a violation of privacy. The majority opinion, written by Justice Scalia, claims that the violation of the suspects Fourth Amendment rights occurred because the government invaded private property without a search warrant, "We have no doubt that such a physical intrusion would have been considered a ‘search’ within the meaning of the Fourth Amendment when it was adopted." Justice Scalia goes on to say that the physical intrusion test is in addition to the reasonable expectation of privacy test that was established in Katz vs. The United States.

Justice Samuel Alito Jr. wrote a concurring opinion for four other judges, saying the application of 18th century logic to 21st century technology "in my judgment, is unwise. It strains the language of the Fourth Amendment; it has little if any support in current Fourth Amendment case law; and it is highly artificial."

All nine justices agree that there will be cases in the future that will add details to our understanding of 21st century technology and the protection of privacy, but this is a landmark case in favor of the protection of privacy.

By Photo by Mr. Kjetil Ree
Article first published as Supreme Court Restricts Use of GPS Surveillance on Technorati.

1/25/2012 Morning Coffee: Google Privacy Changes, Facebook Forces Timeline

Stories about privacy, new technology and the social implications of computing gathered from around the web:

Hacking

• A researcher finds 10k critical infrastructure points that could be relatively easy to hack into. Remember the Illinois water pump non-incident.

Privacy/Surveillance

• Google combines 70 privacy policies into one so they can share your data across all services. Is that the definition of secondary use? I'll have to read it and look for the opt-in to data sharing feature. I already expect Google to share data across accounts - if I'm logged into gmail, I expect to be able to look at my + (can never find the damn plus on the keyboard) profile.
• Interesting article about why Google's policy change isn't evil. They left out rich people problems as a reason - if evil is defined as a single policy problem, we aren't reading the rest of the newspaper. You know, the part where people are starving, human trafficking, lack of human and civil rights.

Social Media

• Facebook speeds up mandatory timeline adoption - why now, and wasn't there a settlement about not requiring users to make changes?

Video Claims Anonymous Will Attack Facebook, Anonymous Denies Claim

A number of news outlets including CNET and Mashable reported yesterday that Anonymous had announced a plan to attack Facebook. The video claims "An online war has begun between Anonymous, the people and the government of the United States", and goes on to invite web users to download a denial of service attack tool called Low Orbit Ion Canon (LOIC), and offers instructions on how to download and run the program. The announced date for the attack is January 28 at noon.

But reporters seemed skeptical, picking up on inconsistencies. Mashable reporter Zoe Fox says "at least that’s what a video uploaded to YouTube Monday is claiming in the name of the hacker network" and "No time zone, however, is distinguished." CNET reporter Emil Protalinski wrote "What makes me skeptical (again) about this claim is that no reason for attacking Facebook is given other than ‘to show them indeed that we are not, playing.”

Anonymous has announced that the video is fake, using the @Anonops Twitter account:

Anonymous has claimed responsibility for a number of sites over the last few days including the Department of Justice, the RIAA, and the MPAA, attributing these actions to the takedown of MegaUpload. This false video is evidence of how difficult it must be to maintain a consistent message when you are a decentralized, loosely affiliated, anonymous group of hackers. Anyone can call for an attack on their behalf, and how are we to know when the call is actually comes from Anonymous?
Article first published as Video Claims Anonymous Will Attack Facebook, Anonymous Denies Claim on Technorati.

1/24/2012 Morning Coffee: Supreme Court - GPS in Jones Case Unconstitutional, Woman Ordered to Decrypt Laptop, and More!

Stories about privacy, new technology and the social implications of computing gathered from around the web:

Hacking

• Update - Anonymous denies producing the video; Anonymous threatens to shut down Facebook on January 28, encourages everyone to participate by sharing information on how to perform a denial of service attack:

“An online war has begun between Anonymous, the people and the government of the United States,” the video begins. “While SOPA and PIPA may be postponed from Congress, this doesn’t guarantee that our Internet rights will be upheld.”

Higher Education

• Tenured Stanford professor gives up position to start an online university. He will offer two free courses to start - how to build a search engine and how to program a robotic car.

Privacy/Surveillance

• Potentially a huge case - Colorado Federal judge orders a woman to decrypt her laptop. This is an undecided area of the law - is decrypting your laptop like handing over the keys to a safe, which isn't covered by the fifth amendment, or more like forcing "compelled testimonial communication", which is covered.
• Google+ will allow pseudonyms and  nicknames, as long as you verify those names already have a meaningful following somewhere else. You will need to send in some "official documentation" such as drivers licenses photocopies, which will supposedly be destroyed when verification is complete.
• Supreme Court rules police use of GPS in the Jones case was unconstitutional. This is a big deal, but not as big a deal as it could have been. The rationale for the opinion was that the device indicated an invasion of private property.

Social Media

• Twitter acquires Dasient, a malware protection company as it prepares to roll out self-serve advertising to the general public

SOPA and PIPA: Let's Pause and Write Rational Piracy Legislation

Both Senate Majority Leader Harry Reid (D-Nev.) and Representative Lamar Smith (R-Tex) have decided to postpone further action on the piracy bills that have led to some of the biggest protests in web history. With President Obama and FCC Chairman Genachowski both agreeing that some response to piracy is necessary, the fight against the first iteration of SOPA may be over, but the task of negotiating rational legislation is just getting started.

We have seen generalizations about how piracy legislation would negatively affect American business and innovation, but there has been very little time to develop a better understanding of what these negative impacts might be. With this in mind, I had a chance to sit down with Eugene Lee, the CEO of SocialText, a social networking service provider for corporations that operates on the software as a service model, to talk about how SOPA, PIPA, and future piracy legislation might have impacted both his business and the SAaS industry as a whole.

Craig Blaha:
How would SOPA and PIPA, if they were passed in their current form, affect your business?

Eugene Lee:
SOPA and PIPA has become a web issue, the way these bills are written they apply to all users of the web. This over-generalization could put a damper on productive uses of technology and user generated content – which has implications for situations that were not envisioned by the movie and music industry.

A literal interpretation of these laws could fundamentally cripple how people collaborate; it could reduce the strategic, competitive advantage American companies have developed because we are so used to using powerful, social, tools to share knowledge and empower knowledge workers.

For example, Socialtext primarily uses a software as a service delivery model. Over the last ten years we have watched as corporations not only share internal knowledge, documents and expertise, but incorporate content from all over the web in these conversations.

SOPA and PIPA, if passed in their current form, would cause corporate attorneys and regulatory oversight to pause and re-examine collaboration within the corporation. They would have to ask whether companies were approaching collaboration in a legal, supportable way, which is an absurd setback.


CB:
Do you think piracy is a problem?

EL:
Definitely.  People should be able to benefit from their creation, and that creation should be protected whether by copyright, trademark, patent, etc.
However, the real issue SOPA and PIPA are trying to address is trade and commerce, how to protect products and brands. The focus has been on movies and downloads because it is sexier, but because of the technology involved, this gets confusing to the general public and gets outside of the original intent of the law. Fundamentally the issue is the same as counterfeit Rolexes, and we have historical efforts and precedents that we should build on.


CB:
Do you think OPEN, proposed by Issa, is a viable alternative?

EL:
OPEN has a good start in that it focuses on the trade issue. But the real problem is there are different types of foreign actors we are dealing with; countries that can help and will, like we saw with the MegaUpload case, countries that can't help but would like to, and countries that don't want to help. Any legislation should focus first on these different scenarios. Effective legislation would look different in each case.

CB:
What alternatives would make sense, or what changes to SOPA and PIPA would make you more comfortable with the legislation?

EL:
I think we should take advantage of this pause and look for a less bombastic response. We need to go back to first principles because this isn't only about Hollywood versus Silicon Valley. How would we solve this problem if it were analog? Would we shut down video stores if an independent film company made a movie that violated copyright? We need to start with a rational assessment of the problem and propose solutions that make sense for both the protection of copyright and the protection of innovation.



Eugene Lee is the CEO of Socialtext. He comes to Socialtext from Adobe Systems, has previously held several executive leadership roles at Cisco Systems, and was co-founder of Beyond Inc., developers of the award-winning BeyondMail product, and holds four patents in messaging, workflow and privacy technologies. Lee has a B.A. in Physics and B.S. in Engineering and Computer Science from Harvard College and an MBA from M.I.T. Sloan School of Management.


Article first published as SOPA and PIPA: Let's Pause and Write Rational Piracy Legislation on Technorati.

1/22/2012 Morning Coffee: Y Combinator Wants to Kill Hollywood, Supreme Court Increases Copyright Restrictions and More!

Stories about privacy, new technology and the social implications of computing gathered from around the web:

Higher Education

• Artificial Intelligence used to predict prom success

Privacy/Surveillance

• Mozilla offers secure alternative to OpenID
• Murdoch's Newscorp to pay hacking victims

Policy

• Y Combinator wants to fund startups that challenge Hollywood - they are calling the call for proposals Kill Hollywood
• Genachowski calls for SOPA compromise, says protecting intellectual property and Internet Freedom can coexist
• Supreme Court regresses works that were released under copyright - Picasso's Guernica is one example

Social Media

• MegaUpload shut down - dramatic police raid in New Zealand included breaking down doors and cutting through a safe room
• Facebook credits invites a comparison to the central bank by Forbes
• Google + doubles users, some call it Bruteforce enrollment

Lamar Smith: Blackout a Publicity Stunt, SOPA Markup Will Continue

Some of the web's largest companies have completely or partially blocked access to their services today in protest of two recent piracy bills being considered by Congress (for a complete, up to date list of sites, check out the Technorati article on the SOPA protest). Despite one of the largest coordinated online protests in history, Lamar Smith (R TX), one of the chief sponsors of the bill and head of the House Judiciary Committee, says markup hearings will continue next month.

The web was buzzing with the news that both President Obama and House Majority Leader Eric Cantor had said they would not support the bill in it's current form, causing some to call SOPA dead. But the Wall Street Journal is reporting that Lamar Smith plans to move forward, and that the bill has already accommodated the major concessions called for by those opposing the bill, such as removing the DNS blocking component of the bill.

The MPAA has come out with a similar statement, calling the blackout a gimmick:

It is an irresponsible response and a disservice to people who rely on them for information use their services. It is also an abuse of power given the freedoms these companies enjoy in the marketplace today. It’s a dangerous and troubling development when the platforms that serve as gateways to information intentionally skew the facts to incite their users in order to further their corporate interests.

The calls for the death of SOPA are certainly premature, but time will tell whether there will be a next markup session, and how Congress will resolve the differences between SOPA, PIPA, and OPEN, the three piracy bills being considered.
Article first published as Lamar Smith: Blackout a Publicity Stunt, SOPA Markup Will Continue on Technorati.

1/19/2012 Morning Coffee: SOPA Supporters Backing Off, Facebook Introduces New Action Words and More!

Stories about privacy, new technology and the social implications of computing gathered from around the web:

• Microsoft creates "minority report" like shopping window

Higher Education

• Apple to jump into textbooks - John Stewart (the only reliable news source ;) talked about forced labor at Apple manufacturers, and commented that prices would increase by only 23%. I would love to see Apple come out with an anti-slavery iPad. I'd pay 23% more, wouldn't you?

Policy

• Both House and Senate reps are backing away from SOPA/PIPA, saying it isn't ready for prime time. Not dead yet. I'm looking for a good rationale for this legislation - why now?
• Zuckerberg asks his FB friends to help stop SOPA
• Google collected 4.5 million anti-sopa signatures

Social Media

• Facebook introduces "bought", "want", and "love"

1/18/2012 Morning Coffee: SOPA is Back, Google and Facebook Fight Censorship in India and More!

Some interesting articles from around the web today:

Policy:

• SOPA is back - Lamar Smith says SOPA is set for more discussion next month
• List of sites that are down in protest of SOPA
• Chris Dodd calls protests pranks, says web users are corporate pawns

Privacy

• JuicyCampus founder writes a book on privacy and cyberbullying

Social Networking

• Italian cruise ship path was posted to Facebook before crash - showing off?
• Facebook growth slows
• Facebook, Google fight censorship in India

Manning Faces Court-Martial, Focus on Superiors Intensifies

The Army investigative officer in charge of the Bradley Manning preliminary hearing says there is enough evidence for accused Wikileaks conspirator Bradley Manning to face court-martial. Manning is accused of leaking hundreds of thousands of documents to Wikileaks, including classified documents, State Department cables, and a 2007 Army video of an Apache helicopter firing on civilians.
Evidence linking Manning to Wikileaks and it's founder, Julian Assange, including chat transcripts between Manning and Assange was enough for the investigative officer to allow a full court-martial in which Manning will face 22 counts, including aiding the enemy. More evidence will likely be available for the court-martial, as Twitter has been ordered to release account informaiton for three other Wikileaks supporters. One supporter, Icelandic Parliament Member Birgitta Jonsdottir, is scheduled to make an announcement on Friday that some speculate will be the release of her Twitter records.
The Manning case continues to raise questions about the level of security in place to protect sensitive U.S. Intelligence records. Apparently Manning had been identified as a risk within his first month of duty and assigned to a discharge unit for talking about his intelligence work in a YouTube video, has had a history of violent outbursts and questionable behavior, but was able to retain security clearance until his arrest in May of last year.


Article first published as Manning Faces Court-Martial, Focus on Superiors Intensifies on Technorati.

Obama, Cantor: SOPA Stalled Until We Have Consensus

The controversial piracy legislation, Stop Online Piracy Act (SOPA) has met some strong resistance over the last few days. The White House has come out against a one-sided solution to piracy in a blog post on Saturday, saying:

While we believe that online piracy by foreign websites is a serious problem that requires a serious legislative response, we will not support legislation that reduces freedom of expression, increases cybersecurity risk, or undermines the dynamic, innovative global Internet.

In addition, Representative Issa has said that House Majority Leader Eric Cantor has assured him that the SOPA vote that was scheduled for this week has been canceled, and the bill removed from the floor until consensus has been reached.
While some have taken this to mean SOPA is dead, Forbes points out that the companion legislation to SOPA, the Protect IP Act, has already been passed by the Senate and could move forward, with modifications to appease the White House, in short order. In addition, Lamar Smith had already moved to take the DNS provisions out of SOPA, which is the part of the bill that technologists were saying would break the Internet and create a censorship firewall around the U.S.
With three piracy bills still in play; PIPA, SOPA, OPEN, and the tech community feeling as if they have defeated the one bill everyone has been focusing on, will Wikipedia, Reddit and others move forward with their planned service blackout tomorrow?
Image: http://www.newswhip.com/U.S.


Article first published as Obama, Cantor: SOPA Stalled Until We Have Consensus on Technorati.

Who Controls Drones Flying Within the U.S.? EFF Sues to Find Out

The close to 7,000 U.S. drones controlled by the Pentagon have been used successfully by the U.S. military to track Osama Bin-Laden before he was killed and in killing over 1,900 insurgents in Pakistani's tribal area. These Unmanned Aerial Vehicles, sometimes referred to as drones because they are pilot-less aircraft controlled remotely, are becoming more frequent tools in border patrol operations and law enforcement within the U.S., but there is little known about who has been authorized to operate drones domestically.The Electronic Frontier Foundation (EFF) filed a Freedom of Information Act Request with the Department of Transportation (DOT) in April of 2011, but the DOT has yet to respond to the request. This week, according to BuzzBlog and the EFF Deep Links blog, the EFF filed suit against the U.S. DOT to find out who the Federal Aviation Administration, which reports to the DOT, has authorized to control these vehicles.
Drones have been used domestically to find missing persons, catch drug dealers and patrol the U.S. borders. There are few restrictions on surveillance from above, as the EFF points out:

As Ryan Calo, the ACLU  and many others have noted, Supreme Court case law has not been friendly to privacy in the public sphere, or even to privacy in areas like your backyard or corporate facilities that are off-limits to the public but can be viewed from above. The Supreme Court has also held that the Fourth Amendment’s protections from unreasonable searches and seizures may not apply when it’s not a human that is doing the searching.

In addition to the legal privacy issues, drones have been hacked in the past using $25.95 worth of software. The first step in regulating something is public awareness of the fact that it is actually being used; only then can we undertake the policy process of determining when and how Americans want to allow constant, nearly invisible, hackable surveillance.

picture credit:The MQ-1 Predator U.S. Air Force

Article first published as Who Controls Drones Flying Within the U.S.? EFF Sues to Find Out on Technorati.

1/17/2012 Morning Coffee: Facebook Shares Private Data, Zappos Hacked, and SOPA is Dead

Stories about privacy, new technology and the social implications of computing gathered from around the web:

Hacking

• Zappos hacked, credit card numbers supposedly untouched. User passwords were encrypted.

Privacy/Surveillance

• Facebook gives Politico access to private messages of Facebook subscribers for sentiment analysis
• Drone guides fuel delivery to Alaska 

Policy

• Cantor promises SOPA will be delayed until "issues are addressed"
• Wikipedia joining Reddit in the SOPA blackout
• China reaches 500 million Internet users

Software

• New service MingleWing allows you to highlight Facebook postings to a public audience. Seems ripe for privacy problems and spam, but great for Internet chaos.

1/13/2012 Morning Coffee: Google Doesn't Index @, RIAA sues Ireland and More...

Stories about privacy, new technology and the social implications of computing gathered from around the web:

Hacking

• Researchers examine how hi-tech cars can be hacked (pdf)

Privacy/Surveillance

• X-ray scanners could pose cancer risk, warnings ignored
• AT&T acquires OpenStack, one blogger sees an attempt to create the ultimate walled garden, where AT&T will own everything from the cloud to the network it runs on.

Policy

• Lamar Smith uses a background image on his website that is apparently in violation of copyright
• Patrick Leahy says more study needed for dns portion of PIPA, backing away from the bill he helped write. PIPA is the Senate version of SOPA, and has already passed
• Music industry sues the Irish government because they don't have an anti-piracy law

Social Media

• Google doesn't index the @ symbol, making Twitter profiles hard to find
• Facebook will probably hit the 1 billion user mark in August
• EPIC complains that Google social search results are unfair
• More people use Facebook than vote in the U.S.

Facebook Shuts Down Nevada History Project

University of Nevada Special Collections Director Donnelyn Curtis and staff spent considerable time researching the lives of two UN alumni, Joe McDonald and Leola Lewis, with financial support from the McDonald family. McDonald and Lewis were dating back in 1911 when they attended the University, and Curtis thought Facebook would be a great way to educate people not only about the couples lives, but about the time period and history of the campus, according to the University web site.

University staff began to create Facebook posts using the profiles of the two alumni, discussing their relationship, the campus, and the history of Reno. After coverage by the Chronicle of Higher Education and other media outlets, the couple gained over 3,000 friends.

Facebook deleted the profiles this morning because they violated Facebook's terms of service:

You will not provide any false personal information on Facebook, or create an account for anyone other than yourself without permission.

According to the Chronicle, Curtis may try to recreate the couple using Facebook pages. A more appropriate option may be Microsoft's new social media site, So.cl, designed by Microsoft's Fuse labs specifically to explore the use of social media in learning.

We have seen similar action taken against Salman Rushdie in November, but after rallying his Twitter followers, Rushdie was able to get his account reinstated. The removal of these fictional accounts underscores the risk that historical records created using social networking services like Facebook can be lost. At least Twitter records would bepreserved by the Library of Congress.
Article first published as Facebook Shuts Down Nevada History Project on Technorati.

Has India Used Apple to Spy on the U.S.?

According to a tweet by privacy researcher Christopher Soghoian @csoghoian, U.S. companies including Rim, Nokia, and Apple (RINOA) may have granted access to back doors in their software to allow the Indian Government to spy on its citizens. This surveillance capability was supposedly granted in exchange for access to the Indian mobile market. We have discussed India's desire to censor social networking in the past, but "back doors" in software would allow the Indian government access to encrypted communications between individuals.

A Hacker group calling itself the Lords of Dharmaraja has released a set of documents that it claims have been obtained by hacking into the Indian military network, according to ZDNet India. The group claimed that the original hack had allowed them to acquire the source code of Symantec anti-virus. The group released a statement that read, in part:

As of now we start sharing with all our brothers and followers information from the Indian Militaty (sic) Intelligence servers, so far we have discovered within the Indian Spy Programme (sic) source codes of a dozen software companies which have signed agreements with Indian TANCS programme (sic) 

The source code was released, but it turned out to be 4 or 5 years old. The fact that these original claims didn't turn out to be what the group had claimed casts doubt on the authenticity of the documents claiming back doors in mobile device makers operating in India.

If the documents are accurate, the Indian military has been using these back doors supplied by RINOA to spy on the US-China Economic and Security Commission (USCC). The USCC was established to "monitor, investigate, and submit to Congress an annual report on the national security implications of the bilateral trade and economic relationship between the United States and the People’s Republic of China".

Image from:http://www.infocarnivore.com

Article first published as Has India Used Apple to Spy on the U.S.? on Technorati.

Reddit Declares War on SOPA

Social news aggregator Reddit has announced their plan to protest the Stop Online Piracy Act, SOPA, by blocking access to the Reddit service on January 18th from 8am - 8pm Eastern Standard time. Visitors who try to access the site will see a message about how the proposed legislation will effectively shut down sites like Reddit. The message will also have a list of resources, and will play the live video stream of the House hearing organized by Representative Issa.

The House Committee on Oversight and Government Reform, chaired by Representative Issa (R-CA) will hold a hearing on January 18 to discuss the potential implications of SOPA on the DNS system, American innovation, and job creation, according to a press release. Witnesses include Lanham Napier: Chief Executive Officer, Rackspace Hosting, Alexis Ohanian, Co-Founder, Reddit.com, and a number of other tech industry representatives.

Technorati reported that major tech companies such as Google were talking about a blackout to protest SOPA at the end of December. So far, Reddit is the first to issue a press release and set a firm date for a blackout, but CBS is reporting that Wikipedia may join the protest.

Reddit has asked community members to contribute ideas about what to do with all of their "extra cycles" on January 18th by contributing to r/SOPA.
Article first published as Reddit Declares War on SOPA on Technorati.

1/12/12 Morning Coffee: Who's Flying Those Drones, A Smartphone That Knows You're Mad and more..

Stories about privacy, new technology and the social implications of computing gathered from around the web:

Gadgets

• Researchers at Samsung have developed a smartphone that detects your emotions based on typing speed, hand motions, backspace and special character use, voice volume, and other factors. Can it tell you are driving and shut itself off? Now that would be great. Recording all these data, or at least the inferences, would have serious privacy implications.

Higher Education

• Apple will get into the digital textbooks game, announcement expected next week

• Facebook kills historical profile created by researcher to help teach history

Privacy/Surveillance

• A drug dealer purchases a one-way ticket with cash, no luggage, and voluntarily submits to an "enhanced" search (including groin area pat down). Since he did not protest, it is ruled an acceptable warrant-less search. If he had said "don't touch my junk" like the traveler being sued after opting not to fly rather than submit to an invasive search, he might have a chance.
• EFF sues the Federal Government to find out who has permission to fly drones within the United States after the DOT refused to respond to a Freedom of Information Request.

Software

• Microsoft will host a real-time threat intelligence feed to help governments and companies fight botnets etc.

Social Media

• Facebook starts showing ads in newsfeed
• Twitter uses wrestling as an example to demonstrate Google+ integration problems

• Google's Eric Schmidt discusses bias:

1/11/2012 Morning Coffee: Reddit to Protest SOPA, Free WIFI in London and More...

Stories about privacy, new technology and the social implications of computing gathered from around the web:


Higher Education

• Congress considers a paywall for scientific publications

Privacy/Surveillance

• Great story on a reporter getting yelled at for using Facebook - if you want privacy, don't give your data away for free

• London gets free wifi network for Olympics. Didn't they just buy a massive wifi surveillance tool? No, that was cell surveillance.

Policy

• Reddit plans blackout to protest SOPA

Social Media

• Google including Google+ content in search results to a greater degree, customizing search depending on your social circles. Seems like a great opportunity for a new, focused, search competitor.
• Facebook accused of not answering privacy questions related to cookies and advertising
• Twitter doesn't like Google+ in search results

1/10/12 Morning Coffee: Public Hearing on SOPA Tech Implications, Kinect Coming to Windows, and More!

Stories about privacy, new technology and the social implications of computing gathered from around the web:

Higher Education

• Virtual college counselling for $100 an hour

Infrastructure

• France's mobile provider Free has a radical perspective on the role of an ISP - provide fast, cheap, broadband. full stop.

Policy

• Issa will hold an open hearing where tech folks will testify about the implications of the DNS provisions of the Stop Online Piracy Act (SOPA)

Software

• Balmer announces Microsoft's gesture recognition software Kinect will come to Windows February 1

Social Media

• Twitter tracks Cholera outbreaks faster than official announcements - crowdsourcing
• Which countries Tweet the most

•  Mercedes will include a modified version of Facebook in it's latest vehicle 

"Now that cars have screens that are intelligent, you would expect that more and more car manufacturers will want to make those screens capable of allowing people to connect with their friends and take advantage of the social context that comes along with that"

How about screens that make them better drivers?

1/9/2012 Morning Coffee: India Spies on the US using Rim, Nokia, and Apple, Boycott SOPA App and More...

Stories about privacy, new technology and the social implications of computing gathered from around the web:

Gadgets

• Square - a very inexpensive credit card reader that attaches to your mobile device - is quickly expanding and sold everywhere from Walmart to UPS stores. I've seen these in action, but didn't realize how cheap it was.
• Fuel Cell - Power Trek, running water through the fuel cell creates a chemical reaction with the hydrogen in the water, generating electricity.

Higher Education

• University of Illinois Chief of Staff resigns over "anonymous" email - sent from her computer.
• Librarian brings historical figures to life on Facebook. The policy geek says *um, that is a terms of service violation* She should try Microsoft's new experimental social learning community - so.cl

Privacy/Surveillance

• According to security researcher Christopher Soghoian, Rim, Nokia, and Apple provide a backdoor to the Indian government for surveillance, and the Indian government may have been using this to spy on U.S./China economic security review commission.

Software

• Boycott SOPA - Android app identifies products sold by companies that support SOPA, making it easier to boycott.

Social Media

• NY Times lays off delivery man, he leaves a great note for his customers (seriously -not sarcastic!), which might lead to a job. Old media to new, or just good marketing?

• Facebook games will be able to offer in game currency - users can trade coupons or game "stuff" for ad views or personal information.

Wikileaks Supporters Must Disclose Twitter Records

A U.S. District Judge in Alexandria Virginia will require Twitter to disclose account information of three Wikileaks supporters in support of a U.S. investigation into the disclosure of secret government documents.

Wired News reports Birgitta Jonsdottir, Jacob Appelbaum, and Rop Gonggrijp are each part of the order to disclose account information now, despite the availability of an appeal. The judge reasoned (pdf) that the defendants request for a stay, or the ability to deny access to the Twitter records while the defendants pursue an appeal, should be denied because they are unlikely to win the appeal.

Judge Liam O’Grady based his assessment on the fact that courts have consistently found that the revelation of IP addresses is not a violation of privacy, and that the information being requested has already been disclosed to a third party - Twitter.

The original subpoena (pdf) requested all non-content information related to these accounts as well as Asange's. A request for non-content information, or envelope information as it is more commonly referred to, is covered by the Stored Communications Act section of the 1986 Electronic Communications Privacy Act and is a tool commonly used by law enforcement to get account and routing information without requiring a search warrant.
Article first published as Wikileaks Supporters Must Disclose Twitter Records on Technorati.

BitTorrent Launches a Social File Sharing Service

BitTorrent, the company responsible for developing the BitTorrent protocol that has over 100 million monthly active users, has launched a new file sharing application called Share on Thursday.

Designed to compete with DropBox and other cloud-based file sharing services, Share allows a subscriber to share files with an unlimited number of personal contacts. Users can comment on files in real time while they are being shared, adding a social networking dimension to filesharing.

Share has been built on Amazon’s EC2 and S3 services, according to GigaOm, which allows files to be cached in the cloud until the recipient has retrieved them. There is no size limit imposed by BitTorrent for users of the service. Other companies have offered similar services but failed under the cost of hosting huge amounts of data, but BitTorrent plans to offset costs by distributing the bandwidth and storage among users of the service, which is how the BitTorrent protocol was designed.

This new software offering comes at an interesting time given the discussion of the anti-piracy legislation SOPA and the latest report highlighting U.S. attitudes and use of file sharing. The idea of sharing files among friends and family, according to the study conducted by the American Assembly, a research group affiliated with Columbia University, is embraced by 70% of Americans.
Article first published as BitTorrent Launches a Social File Sharing Service on Technorati.

Spain Passes Piracy Law, Similar to SOPA?

Spain has been on the Office of the U.S. Trade Representative's watch list of countries with weak intellectual property rules, but that may change now that Spain's newly elected government has passed the Sinde law designed to fight piracy by Spanish citizens.

The law creates a Spanish Intellectual Property Commission that will field complaints about infringing web sites. This commission will have the authority to send a complaint to a judge to decide whether the site should be shut down completely. The entire process, according to reports by the BBC and the Washington Post, is designed to take ten days or less.

The law is nick-named the Sinde law after minister of culture Ángeles González-Sinde and is similar to the U.S. proposed anti-piracy legislation in that it calls for sites hosting infringing materials to be blocked by ISPs, and allows for review of the claim by a judge before a site is taken down, which is a provision in the revised version of SOPA.

The Spanish bill is different from SOPA in that it has a national focus; Spanish sites accused of illegal sharing are the focus, whereas the focus of SOPA is on non-U.S. web sites. In addition, the Sinde law does not include requiring advertising, financial and search service providers to block the infringing site.

Originally published on Technorati: http://technorati.com/politics/article/spain-passes-piracy-law/#ixzz1ioLOfqk5

1/7/2012 Morning Coffee: Journal of Irreproducible Results, Google Blames the Algorithm and Loses, and More!

Stories about privacy, new technology and the social implications of computing gathered from around the web:

Higher Education

• Journal of irreproducible results? Ideas on what scientists should do with investigations that don't pan out, but are still of some interest

Privacy/Surveillance

• Iran is creating a separate, internal Internet to keep citizens from being exposed to ideas the government doesn't sanction
• UK Shopping centers face civil rights challenges

Policy

• U.S. Department of Commerce report says U.S. ability to compete is eroding

Software

• Google denies liability in autocomplete case, says the algorithm did it. French court disagrees.

January 6 Week in Review

This is a roundup of the top stories from the week.

Hacking

• Banking Malware could spend money from your account and cover its tracks - this software grabs your credit card numbers, buys stuff over the web, and alters your view of your online banking records so that you don't see the discrepancy. The solution? Paper statements!
• A great article on one of the people behind botnets and spam. We don't often get a look behind the curtain of how these botnets work, and some people will be surprised by the business of spam.

Higher Education

• An NPR story on some Physics professors that eliminate lectures to increase student success. One asks whether professors who just lecture should have their lectures recorded, put on the web, and be fired. The idea is through a combination of technology, group work, and alternate strategies to engage students, students are more likely to succeed. Focusing on one aspect of teaching, whether it is delivery or technology is misguided. Great teachers can give really engaging lectures, and poor teachers can do a miserable job of leading small groups.

Privacy/Surveillance

• Wikileaks supporters lose court bid to protect Twitter records. The prosecution is asking for things like credit card # and destination address as part of envelope information. This decision is consistent with previous court decisions, so it really wouldn't be news if Wikileaks wasn't involved.

Policy

• SOPA protests - will Google and others black out the Internet?
• Which copyrighted material would be in the public domain today - from 1955. As copyright continues to shift in favor of the creator, the volume of works not in the public domain grows exponentially. I would love to see a mashup of what could be done with work that is protected by copyright. It is hard to imagine what could be done without an example.

Social Media

• 5 predictions for next year in social media law - standardized privacy rules, the right to publicity, and changes in the way companies handle social media use outside of work.  Interesting and well written article.
• Google acquires IBM patent to search through text compiled by users of social media. The idea is the software would allow search results to be tailored to individuals needs based on their social media circles. We all better have smart friends before social search arrives.
• Facebook responsible for a third of divorces in UK, up from 20% in 2009. As people use social media more to communicate with one another, all of the social problems that happen between two or more people will be reflected through these correspondence.