Thursday, March 29, 2012

Supreme Court Rules Privacy Invasion Requires Damages

The Supreme Court decided earlier this week that remuneration for privacy invasion based on the 1974 Privacy Act requires the claimant to show actual monetary damages. As one NPR reporter put it, you can't get damages for emotional distress, but if you bought Tylenol for a headache due to that distress, you might be able to receive compensation for the Tylenol. The 1974 Privacy Act was designed, in part, to protect government workers from the type of privacy invasion they saw with the Nixon administration. Apparently constant surveillance, at the time, made it difficult to recruit and retain government workers.

The latest decision revolves around Stanmore C. Cooper, a pilot who filed false paperwork in 1985 with the Federal Aviation Administration claiming he was not suffering from HIV. At the time, HIV would have meant his flight license would be revoked. When the FAA conducted a database verification process called "Operation Safe Pilot" that cross-referenced various government databases, they discovered Cooper had lied about his HIV status. He received a $1000 fine and lost his pilot's license.

From the NY Times article:
The ruling turned on the meaning of the statutory phrase “actual damages,” which has been described as a chameleon that takes on different legal hues in different contexts. In the privacy law, the court decided, Congress had left the meaning of the term ambiguous enough that it could not be used to waive the sovereign immunity that often protects the government from being sued for damages.
The privacy implications are profound. The government can cross-reference multiple databases and act on the new information gained from this activity with relative immunity. If a government agency wanted to "encourage" a citizen to make a certain choice or act in a certain way, that agency can troll multiple databases to create a digital dossier on any particular individual and use information gathered about that person at any time. This information can then be made publicly available - as it was in the Valerie Plame case and multiple others - without any recourse.

The 1974 Privacy Act relied on a 1973 Health, Education, and Welfare committee report that created the Fair Information Principles. These principles have been used by many nations to create privacy-protecting statutes, and include:

  1. There must be no personal data record-keeping systems whose very existence is secret.
  2. There must be a way for a person to find out what information about the person is in a record and how it is used.
  3. There must be a way for a person to prevent information about the person that was obtained for one purpose from being used or made available for other purposes without the person's consent.
  4. There must be a way for a person to correct or amend a record of identifiable information about the person.
  5. Any organization creating, maintaining, using, or disseminating records of identifiable personal data must assure the reliability of the data for their intended use and must take precautions to prevent misuses of the data.


The power of combining multiple sources of data and the ability to create a digital dossier, and use that dossier with little fear of consequence, seems like a major step in the wrong direction.

image: www.elcivics.com

Wednesday, March 28, 2012

Employers Requesting Facebook Credentials is Legal

A post on the FindLaw blog clarifies that employers are allowed to ask you for your social media credentials as part of the interview process; no federal or state laws prohibit it. From the post:
It would seem so. There are currently no laws that forbid job interviewers from asking job seekers for Facebook passwords or other social-networking logins. Though Maryland and Illinois have proposed legislation that would forbid public agencies from making such a request, the Associated Press reports that no state has addressed the issue with regards to private employers. 
Generally speaking, state and federal laws only prohibit employment inquiries that are discriminatory in nature. Some states also prohibit the use of an applicant’s criminal history or credit report. Other than these few exceptions, employers are generally free to ask about everything — from who your best friend is, to what you like to eat for dinner.
The author goes on to point out that you aren't compelled to share your social media credentials, and if you don't get hired because you are protecting your privacy, would you really want to work there anyway?

British Parliamentary Committee Calls for Google, Twitter Censorship

A British Parliamentary committee has called on Google and Twitter to allow for censorship to enforce British privacy laws, according to an article by GigaOm. Apparently sports star Ryan Giggs had won a privacy suit in relation to an affair he had been having, and the result of the suit was to keep information about the affair private. As you can imagine, that didn't happen. A Parliamentary Committee asked for testimony from Twitter and Google on this and other cases, and the tech giants responded (from the Financial Times):
“Requiring search engines to screen the content of their web pages would be like asking phone companies to listen in on every call made across their networks for potentially suspicious activity,” Google said on Tuesday. “Google already remove specific pages deemed unlawful by the courts. We have a number of simple tools anyone can use to report such content, which we then remove from our index.”
The committee claimed this response was ridiculous since Google is already blocking certain types of sites. The difference between the current Google blocking practice and this request is blocking data in the stream - in other words, as it is published. We will have to watch the long-term implications of this and the recent push by India to censor the web.

image: blog.websightdesign.com

Ghana Using Biometrics and Social Media to Improve Voting

After frustrating disputed election results, Ghana has invested $45 million in biometric voting technology - fingerprint verification that everyone who is eligible has voted, and has done so only once. In order to counteract the fear, uncertainty and doubt surrounding the use of the new tech, such as cancer concerns, Ghana has engaged in a social media campaign to get out the vote. From the Mashable article:
That’s where Ghana Decides and its outreach efforts on social media come in. The project’s organizers are using Tumblr (which serves as the project’s home base), Facebook, Twitter, YouTube and Flickr to put the spotlight on the voter registration process, which started on March 24 — the same day Ghana Decides officially launched — and ends May 5.
image: futuretrend.hu

Tuesday, March 27, 2012

The Evolution of Anonymous

Mashable has a great story on the evolution of Anonymous - always valuable to have a bit of documented history, even if this isn't a true "historical account".


Adding Enemies to Facebook

A researcher at the University of Texas Dallas has created a third party app that allows Facebook subscribers to tag people, places and things as "enemies". The researcher and two students developed the app as a critique of the "friend" concept/approach of Facebook. From the Mashable story:
The app, called EnemyGraph, lets you list anything with a Facebook presence — ranging from “friends,” to foods, to products, movies or books — as an enemy. Since the app launched March 15, it’s seemed to appeal especially to users with a liberal bent. Some of its most-selected nemeses so far include Rick Santorum, Westboro Baptist Church and Fox News.
The app was developed by a professor and two students at the University of Texas at Dallas. Dean Terry, who directs the school’s emerging media program, helped conceptualize the project, while graduate student Bradley Griffith and undergraduate Harrison Massey built the app. Griffith said EnemyGraph has so far accumulated some 400 users. But more importantly, its creators say, press coverage has helped meet the team’s goal of sparking a larger conversation about the nature of social media and Facebook in particular.
This app definitely creates opportunities for cyber-bullying - it is easy to see how kids would be able to use this to gang up on someone. Allowing for dissension in our technology infrastructure is an important concept, but the subtle act of having a friend request rejected might be enough when it comes to interpersonal communication.

Monday, March 26, 2012

New Japanese Surveillance Camera Scans 36 Million Faces per Second

A new surveillance camera developed by Hitachi Kokusai Electric processes faces as they pass by the camera, making it possible to conduct rapid image match searches at a later date. Diginfo news offers a video (embedded below) that demonstrates how the system works. Essentially, as each face passes by the camera, key components of the face are processed and stored, similar to a fingerprint database. At a later date, law enforcement (we assume) can search through the database using an image matching algorithm.

John Palfrey refers to rivers and oceans of data in his article The Public and the Private in the United States Border with Cyberspace when we talk about surveillance - rivers are the real time streams of information, oceans are the vast collections of data that can be searched at a later date, with a much lower level of privacy protections attached.

Dr. Shalini Gupta from AT&T Labs gave a talk on her work with facial recognition at an Austin Forum event. One of the most interesting facts - it is nearly impossible to recognize someone wearing one of those Mardi Gras masks - cover your nose and eyes and you are hard to match. Instead of tin-foil hats, we'll want tin-foil Mardi Gras masks. Look for my Etsy shop selling them in the near future!




image: http://mardigrasmask.blogspot.com/

Artificial Intelligence as Squirrel Deterrent

An enterprising computer scientist, Kurt Grandis, decided to use Python and some DIY hardware to build a squirrel scarer for his backyard. The setup tracks the squirrels and fires a Super Soaker at them. From the I Programmer article:
Kurt Grandis took some cutting edge and open source AI tools, Python, an Arduino and a SuperSoaker and built the perfect squirrel hosing machine...
The project involved Open Computer Vision (OpenCV), and an SVM learning procedure that he trained to tell the difference between a squirrel and a non-squirrel. Some manual feature extraction was used in the initial processing. Squirrelness seems to come down to "blob size", color and texture.

TacoCopter - Delivering Tacos By Drone

Apparently in the U.S. we can't deliver tacos or film real estate using drones, but we can kill people. From the Huffington Post blog:

Indeed, the concept behind Tacocopter is very simple, and very American: You order tacos on your smartphone and also beam in your GPS location information. Your order -- and your location -- are transmitted to an unmanned drone helicopter (grounded, near the kitchen where the tacos are made), and the tacocopter is then sent out with your food to find you and deliver your tacos to wherever you're standing.
While this is more of a conceptual business model than a viable delivery service, it raises some interesting ethical and privacy questions. In order to be successful, TacoCopter would need a highly accurate mapping infrastructure, including the ability to avoid telephone wires, balconies, birds, and be able to deliver to the right person. Efforts to create such an infrastructure would pave the way for a series of really interesting questions about surveillance and privacy, and would allow for highly efficient surveillance systems in the future.

Brazil to Track School Kids Using Chipped Uniforms

A city in Brazil - Vitoria da Conquista - has announced a plan to embed RFID chips in student uniforms in order to alert parents when students skip school. According to the Newser article:
Twenty thousand students in 25 of Vitoria da Conquista's 213 public schools started using T-shirts with chips earlier this week, secretary Coriolano Moraes said by telephone.
By 2013, all of the city's 43,000 public school students, aged 4 to 14, will be using the chip-embedded T-shirts, he added.
The chips are embedded below the school crest in the shirt, and the shirts can be washed or ironed without harming the chip. Parents will be alerted by text message when their kids arrive at school, and if they haven't arrived within 20 minutes, parents receive a text message to that effect.

I bet it is only a matter of time before some entrepreneurial child comes up with a school skipping service. One kid will have a backpack full of T-shirts with chips embedded and will dutifully arrive on time, triggering the RFID reader. If only the Brazil system would use the RFID chip for attendance, kids would never have to worry about actually showing up. We'll have to keep an eye out for the non-chipped black market for school uniforms.

Thursday, March 22, 2012

NSA Chief Denies Domestic Spying

The recent Wired article on the new massive surveillance data center and capabilities of the NSA has led to a congressional investigation of the capabilities of the NSA. NSA chief General Keith Alexander faced tough questions from a congressional committee, and had some interesting answers:
Congressman Hank Johnson, a Georgia Democrat, asked Alexander whether the NSA could, at the direction of Dick Cheney, identify people who sent e-mails making fun of his inability to hunt in order to waterboard them. 
Alexander said “No,” adding that the “NSA does not have the ability to do that in the United States.” Elaborating, Alexander added: “We don’t have the technical insights in the United States. In other words, you have to have [...] some way of doing that either by going to a service provider with a warrant or you have to be collecting in that area. We’re not authorized to do that, nor do we have the equipment in the United States to collect that kind of information.”


image: wired.com

The TV is Watching Me

Interesting post about the new Samsung TVs that respond to voice commands and include facial recognition software. Building on the Kinect, we are definitely going to see more of this, if it actually works. Everyone hates remote controls, and if I didn't have to log in to Apple TV to rent a movie it would be much more convenient. Convenience may be the new root of evil. From the HDGuru post:
Samsung’s 2012 top-of-the-line plasmas and LED HDTVs offer new features never before available within a television including a built-in, internally wired HD camera, twin microphones, face tracking and speech recognition. While these features give you unprecedented control over an HDTV, the devices themselves, more similar than ever to a personal computer, may allow hackers or even Samsung to see and hear you and your family, and collect extremely personal data.

The Real Cost of P2P

TED Talks has a video of Rob Reid doing a tongue-in-cheek, but accurate, review of the cost of copyright (embedded below). He discusses the details in a blog post, offering sources for his account. From the post:
First, the Motion Picture Association’s claims of $58 billion in actual US economic losses and 373,000 lost jobs came from this press release[1] (which can also be found on Scribd[2]). These numbers originated at a think tank called the “Institute for Policy Innovation” – an organization that Businessweek once profiled in an article called “Op-Eds for Sale.”[3] In it, an IPI analyst freely admitted to taking payoffs from disgraced lobbyist Jack Abramoff[4] in exchange for writing “op-ed pieces boosting the lobbyist’s clients.” The IPI’s president supported this behavior, saying it was neither wrong nor unethical, and dismissing those who apply “a naïve purity standard” to the business of writing op-eds.

Wednesday, March 21, 2012

Rutgers Student Convicted of Spying on Roommate

On March 17, a jury in NJ convicted Dharun Ravi, 20, of spying on his Rutgers University roommate. When the roommate found out that his sexual encounter with another man was webcast, and after harassment from Mr. Ravi, Tyler Clementi jumped to his death off of the George Washington Bridge in NY. NJ is the first state to make this type of spying illegal; before this case you could only sue in civil court.

EU and US Work to Level Privacy Laws

The EU has more protective personal privacy laws than the US, and each European country can interpret those laws in their own way. In a joint statement released Monday, we learned of an effort to normalize some of these policy differences in order to promote commerce. From the statement:
The European Union and the United States are global leaders in protecting individual freedoms, including privacy, while at the same time fostering innovation and trade that are so critical to the world economy, notably in the present times. Stronger transatlantic cooperation in the field of data protection will enhance consumer trust and promote the continued growth of the global Internet economy and the evolving digital transatlantic common market. This work will also encourage innovation and entrepreneurship and support the jobs and growth agenda as outlined by President Obama and Presidents Van Rompuy and Barroso at the November 28, 2011 U.S.-EU Summit.
GigaOm has asked German startups how they feel about the current state of affairs and proposed changes, which makes for an interesting read.

image: jascha.me

Google Defends Hotfile File Sharing Service

MegaUpload was the first "cyberlocker" service to be shut down by MPAA and RIAA initiated legal action. Some sites, such as BTJunkie, have voluntarily closed rather than risk legal action. TechCrunch has a good article on Google's sudden interest in the latest file sharing case - the MPAA lawsuit against Hotfile. From the article:
Hotfile is one of the sites in question, and they haven’t escaped the wrath of the MPAA. There are a couple lawsuits between the two pending, and most recently the MPAA tried to get the site shut down summarily. But Google has taken a sudden interest in the case and issued an amicus brief with some choice words for the MPAA’s tactics.

Tuesday, March 20, 2012

Controlling People Using Mobile Apps

Photosynth is software that combines multiple photographs into one three-dimensional space, allowing viewers to explore multiple sides of a landmark, for example. A TED Talks video is embedded below that demonstrates how this works. The problem with Photosynth and similar crowd-sourced documentation of real space is that people who capture images to share with others don't always stray from the beaten path.

Researchers from Northwestern University have published the results of a study showing that people are easily encouraged to change their daily patterns using incentives. The researchers installed an augmented reality game on the phones of participants, who would then explore campus "zapping" ghosts in different locations. The zapping motion actually takes a photograph of the location. The McCormick School of Engineering web site explains:

Unlike a regular “augmented reality game,” where the ghosts might be placed randomly, in Ghost Hunter the researchers are able to manipulate where the ghosts are placed; while some are placed in frequently traveled areas, others are located in out-of-the-way, rarely photographed locations.

The researchers call this "soft" control, in reference to social control, a theory of behavior control that includes using incentives to regulate human behavior.

Two University of Texas at Austin School of Information PhD students have used a similar approach to encourage gamers to visit libraries in order to unlock secret content.

While these two approaches to manipulating behavior range from positive to benign, there is tremendous potential to use similar techniques to encourage mobile phone users to do everything from go out of their way to visit a different store, to change physical locations in order to get them to access a compromised cell network and conduct surveillance or download malware.

Yet another reason we need to know what data our mobile devices are sharing about us, and have enforceable limits on how those data are used.


image: www.mccormick.northwestern.edu


Article first published as Controlling People Using Mobile Apps on Technorati.

Monday, March 19, 2012

New Pew Report: Teens are Texting More

Mashable is covering a report from the Pew Center for Internet and Society that reports teens are sending 60 texts per day, up from 50 in 2009. The Pew report points out boys, younger teens, and African-Americans are among the biggest increases. From the article:
The study looked at the behavior of nearly 800 teens ages 12 to 17 during a three-part survey between April and July 2011 and a series of focus groups involving 57 people ages 12 to 19. 
Teens on average are sending and receiving 60 texts each day, up from 50 in 2009. The increase is being led by older teens ages 14-17, who went from a median of 60 texts a day to a whopping 100 two years later. 
Girls are still the most active texters, sending and receiving a median of 100 texts a day compared to boys sending 50. However, boys are texting more than they were just two years ago — in 2009, they sent about 30 each day. African-American teens are also texting more, up to 80 each day from 60 in 2009.

image: sixdegreesmedia.blogspot.com

Slated: Kickstarter for Independent Films

TechCrunch has an interesting article on a new social networking site - Slated - that connects film producers with investors. Apparently Slated is starting to take off, raising $2m in funding and signing some big names. The site is exclusive; you have to be vetted to be an investor, and you need the recommendation of two members to be a producer. From the article:
The site first launched at the Sundance film festival this year, and it sounds like the idea is catching on with independent film veterans — the company says producers such as Jeffrey Kusama-Hinte (The Kids Are All Right, Thirteen, Laurel Canyon), Lesley Chilcott (Waiting For Superman, An Inconvenient Truth), Lawrence Bender (Pulp Fiction, Good Will Hunting, Inconvenient Truth, Inglourious Basterds) have already signed up. Before the launch, more than 2,000 films applied to be listed, and 44 have been approved so far.

Google Set to Make Changes to Search Algorithm

According to an article from TechGoblin, Google Engineer Matt Cutts discussed the upcoming changes in a panel discussion at SXSW last week:
“We are trying to make GoogleBot smarter, make our relevance better, and we are also looking for those who abuse it, like too many keywords on a page, or exchange way too many links or go well beyond what you normally expect.”
SearchEngine Land has posted an audio clip and transcript.

TED Launches Education Initiative

The non-profit organization that has brought us some amazing videos is branching out into education. TED has launched a new initiative called TED Ed, with a goal of sharing incredible lessons for high school and college students. The idea that amazing things are happening in classrooms all over the country, and will probably never be shared outside that classroom, has led to a curated collection of great lessons. I'm glad to see that this launch has less rhetoric about "changing the way education works" and is staying on task; better leveraging technology to improve access to great educational experiences.


 

Saturday, March 17, 2012

NPR Reporter Lied About Apple Factory Story

Mike Daisey visited the Foxconn Apple factory and returned a scathing report to the NPR show This American Life. Turns out parts of his report were fabricated, and This American Life will run an episode just covering the fabrications. From the Mashable report:
“What I do is not journalism,” Daisey wrote on his site. “The tools of the theater are not the same as the tools of journalism. For this reason, I regret that I allowed THIS AMERICAN LIFE to air an excerpt from my monologue. THIS AMERICAN LIFE is essentially a journalistic - not a theatrical - enterprise, and as such it operates under a different set of rules and expectations. But this is my only regret.”
ABC's Nightline had an exclusive look inside the Foxconn factory. Since it is video it has to be trustworthy, right?

Cellphone Radiation Linked to ADHD in Mice

Mashable reports a new study shows that the offspring of pregnant mice that have been exposed to cell phone radiation show symptoms of ADHD. From the article:
A silenced cellphone in active call mode was placed on top of a cage of pregnant mice. An inactive cellphone was placed on top of another cage of pregnant mice to act as a control. The mice in both cages had babies, which were allowed to mature. Then researchers conducted a variety of tests to measure brain activity on the adult mice who had been exposed to radiation as fetuses. The tests showed that the mice had lower memory capacity and were more hyperactive than the control group. The areas of the brain that control these functions were impacted by the radiation, say the researchers. They concluded that cellphone radiation negatively impacted brain development of offspring, and could potentially cause developmental disabilities including ADHD.

image: online.wsj.com/

Friday, March 16, 2012

FBI Asks Google to Unlock a Smartphone

The FBI has issued a search warrant in hopes of getting Google to unlock an Android phone that belongs to a California gang member and human trafficker. According to Threatpost:
Dears had denied to his parole officer that he owned a mobile phone, and in January the parole officer went to Dears's apartment and seized the phone. The FBI subsequently served a search warrant on the parole officer and took the phone, but the bureau's forensics investigators couldn't get past the swipe lock on the Android handset. Once they failed enough times, the phone locked and now requires the user's Google username and password for access. As a result, the FBI is asking that Google be forced to hand over the information to get them into the phone.
image: rootzwiki.com

UK Plan to Control Access to Gasoline via Surveillance Camera

According to the Mirror, the UK has announced a plan to use surveillance cameras to control the flow of gasoline. A car that pulls up for fuel will have its license plate read by the CCTV system that is already in place; if the car is uninsured or has not been taxed, the driver will be unable to purchase fuel:

Currently the system is designed to deter motorists from driving off without paying for petrol.
But under the new plans, the cameras will automatically cross-reference with the DVLA’s huge database.
When a car is flagged as being uninsured or untaxed, the system will prevent the fuel pump being used on that vehicle.
image: http://www.banksy.co.uk/

Iran Accused of Cyber Attack Against BBC

An attack intended to disrupt BBC's Persian service is linked to Iran. Director general of the BBC, Mark Thompson, says that the attack coincides with Iran's efforts to jam two satellite feeds from the BBC into Iran. From the BBC article:
"I don't want to go into any more detail about these incidents except to say that we are taking every step we can, as we always do, to ensure that this vital service continues to reach the people who need it," Mr Thompson will say. 
Some parts of the BBC were unable to access email and other internet services on 1 March. It is understood that the attack may have been caused by its systems being overwhelmed by a flood of external communication requests - a so-called distributed denial-of-service attack.
image: www.wbez.org

AT&T Threatens to Cut Off Service for Customer Who Won Small Claims Suit

AT&T has offered Matthew Spaccarelli an "opportunity" to discuss a settlement instead of the $850 small claims court win he recently achieved. Spaccarelli was using his AT&T phone to provide Internet access to other devices, a practice called tethering that is against AT&T policy and subjects the subscriber to having his service cut off. AT&T sent a letter to Spaccarelli offering to negotiate a settlement: "In its letter, AT&T asked Spaccarelli to be quiet about the settlement talks, including the fact that it offered to start them, another common stipulation. Spaccarelli said he was not interested in settling, and forwarded the letter to The Associated Press."

Spaccarelli has posted the documents he used to defeat AT&T online, and has encouraged others who are being throttled to also sue AT&T.

Thursday, March 15, 2012

Austin Homeless Hotspots

The Homeless Hotspots program in Austin has garnered some critical press, like this story from Wired:

The Damning Backstory Behind ‘Homeless Hotspots’ at SXSW:
Okay. I’m going to resist the urge to rant about how turning Austin’s homeless into Wi-Fi hotspots symbolizes everything that’s awful about both South by Southwest and living in America in the 21st century. (RWW’s Jon Mitchell doesn’t; go read him.) I will resist the urge to rail against commenters at BBH Labs’ blog who complain that Homeless Hotspots hasn’t fully thought its own implications through because How do the ‘houseless people’ charge the units?, partly because 1) believe it or not, that guy goes on to make some fair points and 2) as Dan Sinker said on Twitter, I don’t want my brain to catch fire.
A few things to think about:
  1. The people from Front Steps Shelter, who have teamed up with BBH labs and benefit from the arrangement, have a long history of working hard for homeless people. The folks from this organization are well respected locally and well-intentioned.
  2. Austin has a long history of support and engagement with the homeless. The death of a local homeless person, Leslie, made national news, because this individual influenced the lives of many of us in Austin.
Maybe BBH is doing this just for publicity, but the Austin homeless are benefiting. I hope the homeless hotspots campaign is taken as I'm sure it was meant by Front Steps; as a way to improve the situation for homeless people.

While the shirts were poorly labeled - "I'm a 4g hotspot" lacks humanity, the fact remains that these 13 people would have been completely ignored if it weren't for this program. The national conversation would not have included anything about homelessness and the humanity and dignity of the homeless this week.

If Homeless Hotspots really pisses you off, protest by donating directly to Front Steps Shelter, the National Coalition for the Homeless, or your local homeless organization. Put your money where your mouth is and leave a note in the comments section telling us just how much you donated, and to which organization.
Clarence explains Homeless Hotspots


Jon Stewart's take - essentially, we should improve policy, not the plight of the homeless:


Article first published as Austin Homeless Hotspots on Technorati.

Wednesday, March 14, 2012

Journalist gets Blasted by Pentagon Pain Ray

Spencer Ackerman from Wired.com volunteered as a test subject for the Pentagon pain ray (video below). From the article:
When the signal goes out over radio to shoot me, there’s no warning — no flash, no smell, no sound, no round. Suddenly my chest and neck feel like they’ve been exposed to a blast furnace, with a sting thrown in for good measure. I’m getting blasted with 12 joules of energy per square centimeter, in a fairly concentrated blast diameter. I last maybe two seconds of curiosity before my body takes the controls and yanks me out of the way of the beam.
The ray takes 16 hours to boot up, and there is supposed to be limited long term damage.


Honey Stick Project: What Happens to Mobile Phones When They Are Lost?

Symantec purposely lost 50 smartphones with tracking software installed to see what people do when they find the phone. From the Security Week article:
Once the mobile devices were loaded with the simulated personal and corporate data, Symantec dropped the 50 fully-charged smartphones in five different cities: New York City; Washington D.C.; Los Angeles; San Francisco; and Ottawa, Canada. The devices were intentionally "lost" in different types of locations including elevators, malls, food courts, public transit stops and other heavily trafficked, publicly accessible locations. 
With the remote monitoring software installed, it wasn’t long before the phones started to move. Tracking showed that 96-percent of the devices were accessed once found, and 70-percent of them were accessed for personal and business related applications and information. Less than half of the people who located the intentionally lost devices attempted to locate the owner. Interestingly enough, only two phones were left unaccounted for, the others were all found.
Honey stick is a reference to a commonly used security tactic called "honey pot" or "honey net", where security professionals set up a fake network or system to allow them to see if hackers are trying to gain access and track different types of attacks. The project web site has more details.

Creator of Site Linking to Copyrighted Material to be Extradited from Britain

23-year-old Richard O'Dwyer will be extradited from the UK to the U.S. for a site called TVShack that links to copyright-infringing material. According to a BBC report:
The case was brought by the US Immigration and Customs Enforcement agency, which claims that the TVShack.net website earned more than $230,000 (£147,000) in advertising revenue before US authorities obtained a warrant and seized the domain name in June 2010.
Mr O'Dwyer has argued that TVShack did not store copyright material itself and merely directed users to other sites, making it similar to Google.
 I'll be interested to learn more about the legal issues here; the family is claiming his site is legal in the UK, and that simply linking to sites that infringe copyright should be legal.

Monday, March 12, 2012

Human Computer Interaction Design Video

From the UT School of Information: Professor Luis Francisco-Revilla and his students share their projects from their HCI and Java classes.

Apple TV and Netflix New Business Model

The new Apple TV software allows users to pay for subscriptions to Netflix and MLB.tv through the iTunes store. I agree with Mashable on this score:
It’s a win for users and content providers. One of the challenges that companies such as Netflix face is getting subscribers to follow through with the sign-up process. It’s one thing when the content is primarily consumed on the Internet. For more passive devices — like the television set — a user who has to go to a different device just to sign up may end up putting off the purchase. 
On iOS, publishers who have embraced in-app subscriptions and Apple’s Newsstand have found great success in the model. One high-ranking publishing executive explained to me that his company didn’t really mind giving Apple 30% on digital subscriptions because subscription acquisition costs are usually more than that.
I'm not a big fan of the Apple TV - I have had endless problems with mine and I'm not surprised; streaming content from a different device on a local network introduces far too many potential points of failure. 

image: www.iconarchive.com

X-Prize Founder Tries to Fix Education

Peter Diamandis, known for the x-prize that awarded $10 million to the team that could build a spaceship that can take off from earth, fly 100 km above the earth and return, then do it again within two weeks, has announced a similar contest to fix the U.S. education system. At South by Southwest in Austin, he has asked for ideas on how to structure the contest, according to Forbes:
Speaking this weekend at the South by Southwest conference in Austin, Texas, however, Diamandis acknowledged that education is a tougher nut to crack. He said he has considered multiple directions that an Education X Prize could take, such as coming up with better ways to crowd-source education, or rewarding the creation of “powerful, addictive game” that promotes education. But he isn’t sure which way to go.
The problem with the education system isn't in the classroom. Kids with unsafe homes and not enough to eat or sleep don't make good students.

Email Hacked, Scam Sent to Contact

I just received a pretty common email scam that I thought I would share. It came from a friend's Hotmail account, but was sent through a Yahoo relay. The scam is pretty convincing, since this person travels a lot and the message didn't include a link or address. The idea is that anyone who receives the email will reply, saying they were so sorry to hear that, didn't know you were in London, what can I do to help? But since the email account is compromised, the hacker will now have the respondent's email information and a direct connection. The text of the scam is below. Most likely the attack comes from downloading an infected attachment in an email. Don't click on links and don't download attachments in email unless you expect them.

There is a local NBC news report on this scam here:
http://www.nbclosangeles.com/news/tech/Email-Scams-83600577.html

Microsoft has some advice on what to do when your account is compromised:
http://windowslivehelp.com/solution.aspx?solutionid=6ea0c7b3-1473-4176-b03f-145b951dcb41

If you receive this type of message, don't reply or click on anything. If you hear that this type of message was sent by you, follow the advice of your email provider on what to do if your account is compromised.
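The two observations in this post (a Hotmail sender delivered through a Yahoo relay, and a plea for money with no link or attachment) can be checked mechanically. The Python triage function below is an added example, not code from the original post; the sample messages, hostnames, addresses and finding names are constructed, and the Reply-To comparison goes beyond what the post describes.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed samples: hostnames, addresses and IPs are made up for illustration.
SCAM = """\
Received: from relay.mail.yahoo.com (relay.mail.yahoo.com [192.0.2.10])
 by mx.recipient.example with ESMTP; Mon, 12 Mar 2012 09:14:02 -0500
From: A Friend <friend@hotmail.com>
To: me@recipient.example
Subject: Sad news

I really hope you get this fast. We misplaced our wallet and cell phone.
Our passport is in custody of the hotel management. I will be grateful if
I can get a loan of $1,950 USD from you to sort our hotel bills.
"""

BENIGN = """\
Received: from mail-out.hotmail.com (mail-out.hotmail.com [192.0.2.20])
 by mx.recipient.example with ESMTP; Mon, 12 Mar 2012 10:00:00 -0500
From: A Friend <friend@hotmail.com>
To: me@recipient.example
Subject: Lunch?

Are you free for lunch on Friday?
"""

# Body signals taken from the wording of the scam text on this page.
BODY_SIGNALS = {
    "money": re.compile(r"\$\s?\d[\d,]*|\bloan\b", re.I),
    "stranded": re.compile(r"\b(passport|embassy|hotel bills?|wallet)\b", re.I),
    "urgency": re.compile(r"\b(get this fast|urgent|less than few hrs)\b", re.I),
}


def org_domain(host):
    """Last two DNS labels, lowercased. Simplification: ignores multi-label
    public suffixes such as co.uk."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def delivering_relay(msg):
    """Host named in the topmost Received header, the one stamped by the
    recipient's own server. Headers further down can be forged by the sender."""
    received = msg.get_all("Received") or []
    if not received:
        return None
    m = re.match(r"\s*from\s+([\w.-]+)", received[0], re.I)
    return m.group(1) if m else None


def triage(raw):
    """Return a list of findings for one raw RFC 5322 message."""
    msg = message_from_string(raw)
    findings = []

    sender = parseaddr(msg.get("From", ""))[1].lower()
    from_dom = org_domain(sender.rpartition("@")[2]) if "@" in sender else ""

    # Signal 1: the delivering relay belongs to a different provider than the
    # From address. Third-party senders make this a hint, not a verdict; a
    # production filter would read SPF/DKIM/DMARC results instead.
    relay = delivering_relay(msg)
    if relay and from_dom and org_domain(relay) != from_dom:
        findings.append("relay-mismatch")

    # Signal 2 (beyond the post): replies are steered to another mailbox.
    reply_to = parseaddr(msg.get("Reply-To", ""))[1].lower()
    if reply_to and reply_to != sender:
        findings.append("reply-to-differs")

    # Signal 3: body wording. This still fires when a hijacked account sends
    # through its own provider and the headers look clean.
    body = " ".join(p.get_payload() for p in msg.walk()
                    if p.get_content_type() == "text/plain")
    body = re.sub(r"\s+", " ", body)
    hits = [name for name, rx in BODY_SIGNALS.items() if rx.search(body)]
    if len(hits) >= 2:
        findings.append("stranded-traveler-request")
    return findings


if __name__ == "__main__":
    for label, raw in (("scam", SCAM), ("benign", BENIGN)):
        print(label, triage(raw))
```
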

text of scam email:



Hi,

I really hope you get this fast. I could not inform anyone about our trip, because it was impromptu. we had to be in (Leyton, London) for a program. The program was successful, but our journey has turned sour. we misplaced our wallet and cell phone on our way back to the hotel we lodge in after we went for sight seeing. The wallet contained all the valuables we had. Now, our passport is in custody of the hotel management pending when we make payment.

We've been to the embassy and the police here but they're not helping issues at all and our flight leaves in less than few hrs from now, but I'm really having some difficulties clearing our hotel bills. I am sorry if i am inconveniencing you, but i have only very few people to run to now. i will be indeed very grateful if i can get a loan of $1,950 USD from you. this will enable me sort our hotel bills and get my sorry self back home. I will really appreciate whatever you can afford in assisting me with. I promise to refund it in full as soon as I return. Please let me know if you can be of any assistance.

Thanks so much.

Friday, March 9, 2012

Pakistan Looks to Build a Censorship Firewall

The Business and Human Rights Resource Center (BHRC) has a great set of resources on Pakistan's new request for proposal (RFP) for the "development, deployment and operation of a national-level URL filtering and blocking system":
In February 2012 the Pakistan Government published a public tender for the "development, deployment and operation of a national-level URL filtering and blocking system". Bolo Bhi, a Pakistan-based NGO, issued a petition calling on eight tech companies not to respond to the tender. Business & Human Rights Resource Centre invited the companies to respond.
The BHRC has links to the responses from Cisco, Sandvine, and Verizon. The general idea is that if tech companies refuse to supply oppressive regimes, those regimes will have limited options to achieve oppression through technology. NPR has a good overview of tech in oppressive regimes.

image: mercuryreliance.wordpress.com

Thursday, March 8, 2012

Aimless Surfing a Result of Fatigue and Stress

The Chronicle discusses a new study that connects the experience of surfing aimlessly, even though you have things that have to get done, to sleep deprivation:
They asked 96 undergraduates, who had worn a sleep-monitoring device the night before, to sit at a computer and pay close attention to a 42-minute lecture by a professor (whom they were told was being considered for a job). The students were left alone for this task, which required considerable concentration and patience, but any web surfing they did was monitored. 
As predicted, the less students had slept the night before, the more they were likely to wander off from their assigned task. Conversely, every minute of sleep meant .05 fewer minutes surfing.
A recent blog post by Tim Sacket highlighted the 80 hour work week fallacy. It seems that a consistent, balanced approach to work allows you to get the most high-quality work done over time.

image: www.webmd.com

Will Technology Make Universities Obsolete?

An article in the Chronicle discusses the future of universities with two folks from Georgia Tech:
It’s the same idea as the news industry. Local newspapers survived most of the last century on profits from classified ads. And what happened? Craigslist drove profits out of classified ads for local newspapers. If you think that it’s all revolving around you, and you’re going to be able to impose your value system on this train that’s leaving the station, that’s going to lead you to one set of decisions. Think of Carnegie Mellon, with its “Four Courses, Millions of Users” idea [which became the Open Learning Initiative], or Yale with the humanities courses, thinking that what the market really wants is universal access to these four courses at the highest quality. And really what the market is doing is something completely different. The higher-education market is reinventing what a university is, what a course is, what a student is, what the value is. I don’t know why anyone would think that the online revolution is about reproducing the classroom experience.
For someone who attended a small school like Pomona College, these people are missing the point. A community of learners and the development of an identity as an academic are major components of any school, and they aren't typically what happens in a social network of 150k people.

An alternative approach to education is happening here in Austin - a middle school teacher records lectures and the students watch them for homework. Problem sets and application of the material happen in the classroom, with teacher support. Technology is used to support an approach to teaching, not supplant it.

image: www.nj.com of The College of New Jersey

Facebook Content Moderators: $1 a Day, No Background Check

The Telegraph has a fascinating article on what happens when you click the "flag" button on Facebook. That image or video is sent to an international team of low-wage workers who are paid $1, do not undergo a background check, and have limited oversight of their actions. The article describes some horrific images and briefly touches on the psychological consequences of this type of work for the employee - viewing hundreds of disturbing images every day has consequences.
In addition to the questionable morality of a company that is about to create 1,000 millionaires when it floats paying such paltry sums, there are significant privacy concerns for the rest of us. Although this invisible army of moderators receive basic training, they work from home, do not appear to undergo criminal checks, and have worrying access to users’ personal details. In a week in which there has been an outcry over Google’s privacy policies, can we expect a wider backlash over the extent to which we trust companies with our intimate information?

Civilian Use of Cell Phone Jammers

A local (Philadelphia) story about a commuter who uses cell phone jamming equipment when he thinks someone is being "rude" on a public bus has increased interest in the devices. The CNN story claims the devices can be bought on the Internet for $40 to $1000. Yes, they are illegal, and they block more than just the signal used by the obnoxious person on the bus:
Jammers work in much the same way online denial-of-service attacks on websites do -- transmitting a signal on the same frequency as mobile phone calls in the area. 
"In layman's terms, they basically just interrupt the signals in the area," Mislan said. "They are a louder signal, if you will, than anything else in the area. As a phone tries to connect to a tower, it can't because there's this other noise, if you will, in the way." 
Under federal law, illegally using a jammer can result in jail time and fines up to $16,000.
image: www.all-security-system.com

Wednesday, March 7, 2012

Over 30 Million Accounts on Facebook Belong to Dead People

When someone passes away, what happens to their social media accounts? How does Facebook handle a dead subscriber, and how do other subscribers interact with the dead person's profile? There are 30 million accounts on Facebook of people who have already died, according to a story on ReadWriteWeb:

"People are starting to incorporate their digital property and online presence into their wills," says Michaelanne Dye, who holds an MA in cyberanthropology from Georgia State University. "Although this has not yet become a common trend, I think that one day it will be fairly common for people to make plans for their digital real estate before passing."

A PhD candidate at UC Irvine, Jed Brubaker, studies death and social media and has written about how both service providers such as Facebook and "friends" of the deceased handle death and social media in a research study called Death and the Social Network: The Persistence of Digital Identity.
Facebook has a memorialization process that essentially locks the account of the deceased. Only family members can request the site be taken down, and only family and friends at the time of the reported death are able to continue to comment. No word on how death shows up in your timeline.

image: http://www.jedbrubaker.com/
Article first published as Over 30 Million Accounts on Facebook Belong to Dead People on Technorati.

Wall Street Journal Hosts a Free Hackathon

The Wall Street Journal is hosting a weekend-long "hackathon" where invited developers will work with fantastic security and privacy researchers and developers to create free tools to promote data transparency and privacy. The event is called the "Data Transparency Weekend" and is hosted by Julia Angwin, who directs the Journal’s “What They Know” team. Alessandro Acquisti, professor of information technology and public policy at Carnegie Mellon University and author of one of the first papers on the privacy implications of Facebook, will be one of the many session leaders.
The Wall Street Journal has focused on surveillance technology and data gathering through its "What They Know" series, which has covered everything from the global market for surveillance technology and what technology is available to government for surveillance to the latest Google surveillance problems.

One of the fastest-growing businesses in the world is the use of your data. When you browse the Internet, your movements are recorded by hundreds of tracking companies. When you walk down the street, your cellphone is transmitting your location. Items you post on Facebook and Twitter are being monitored by employers, insurers and others.

Hopefully we will see some great tools come from this event.


Article first published as Wall Street Journal Hosts a Free Hackathon on Technorati.

U.S. Seizes Canadian Domain Name

A sports betting site that was registered through a Canadian registrar was shut down last week by U.S. authorities for illegal gambling, even though gambling isn't illegal globally. This domain seizure increases global attention on U.S. control of the domain name system through ICANN. From the Wired article:
But despite EasyDNS and others’ outrage, the U.S. government says it’s gone that route hundreds of times. Furthermore, it says it has the right to seize any .com, .net and .org domain name because the companies that have the contracts to administer them are based on United States soil, according to Nicole Navas, an Immigration and Customs Enforcement spokeswoman. 
The controversy highlights the unique control the U.S. continues to hold over key components of the global domain name system, and rips a Band-Aid off a historic sore point for other nations. A complicated web of bureaucracy and Commerce Department-dictated contracts signed in 1999 established that key domains would be contracted out to Network Solutions, which was acquired by VeriSign in 2000. That cemented control of all-important .com and .net domains with a U.S. company – VeriSign – putting every website using one of those addresses firmly within reach of American courts regardless of where the owners are located – possibly forever.
The article also discusses the implications of this action for the proposed UN takeover of the domain name system, which Eric Schmidt has warned emphatically against.


image: www.techaddiction.ca

Separate Ad Information from App Information, Protect Privacy

Researchers at Cambridge University have come up with a novel idea, called decoupling: separate the information a mobile application collects from the information that is sent to advertisers, to protect privacy. The researchers studied 250,000 apps in the Android market and found that 73% were free, and 80% of those relied on targeted marketing as their business model. Most of the free apps, and many of the paid apps, collected information they didn't need and sent it to advertisers. Rather than block all advertising data, the researchers suggest creating two separate streams. From the TechCrunch article:
Leontiadis says a service that separates the information could take the form of a filter that comes in an app itself, or potentially could be incorporated into a mobile platform to work by default: Leontiadis says he would prefer to see a platform provider offer this by default. In any case, he doesn’t think it would be realistic to ask developers to manage this themselves: “There are over 52,000 developers in the market but only eight big ad networks,” he says. “It’s easier to control those networks than those developers.”
I wrote about Daniel Solove's brief history of targeted marketing here.

Unemployed Father of Two Helps Bring Down Hacker Group

Several of the top actors in the Lulzsec hacker group were arrested yesterday because one of the leaders of the group had turned informant months earlier. Apparently their leader was an unemployed father of two working out of public housing in New York. The group has attacked targets including Fox News, PBS, and the Stratfor Security firm. From the Wired article:
A top LulzSec leader turned informant last year after he was secretly arrested, providing information to law enforcement that led to the arrests Tuesday of other top members of the hacking group, including one alleged to be deeply involved in December’s Stratfor hack, federal authorities said Tuesday.

Hector Xavier Monsegur, a 28-year-old New Yorker who used the online name “Sabu,” has been working undercover for the feds since the FBI arrested him without fanfare last June, a story first reported by Fox News. Monsegur provided agents with information that helped them arrest several suspects on Tuesday, including two men from Great Britain, two from Ireland and an American in Chicago.

Tuesday, March 6, 2012

Anonymous Supporters Tricked Into Downloading Trojan

The anti-virus company Symantec has a detailed report on how members of the loosely affiliated hacker group Anonymous, known for attacking everyone from child porn distributors to the FBI, may have been tricked into downloading a trojan that steals online banking credentials, webmail credentials, and web browser cookies.

Anonymous uses a number of Twitter accounts to encourage "members" to act against a target. These Twitter postings will encourage group members to attack a specific target and will sometimes offer instructions and links to software to facilitate the attack. The site Pastebin is then used to distribute the software and other messages. One common attack is called the "distributed denial of service" (DDoS) attack, where multiple people use a tool to submit thousands of requests to a web site, making it unavailable to web-surfers.

On January 21, the day after the MegaUpload raid, a commonly used DDoS tool, Slowloris, was hacked and posted to Pastebin. Numerous tweets included a link to the hacked tool, with the account @yourAnonNews picking up the link and sending it out to 500,000 followers.

The article doesn't share any theories as to who might be behind the hack, but this underscores the risks involved with operating a loosely affiliated group: it is hard for participants to know who to trust, and others can call participants to action, such as attacking Facebook, without any real affiliation to the group.

image: https://twitter.com/#!/youranonnews
Article first published as Anonymous Supporters Tricked Into Downloading Trojan on Technorati.

Police Surveillance Drone Crashes Into SWAT Truck

Police in Montgomery County were preparing for a photo op on Sunday when the surveillance drone they were going to use to take aerial photos of the maneuvers crashed into their SWAT vehicle. The Examiner reports that the drone started having trouble and went into "shut-down" mode, causing it to crash:
Vanguard CEO Michael Buscher said his company's prototype drone was flying about 18-feet off the ground when it started having trouble. It's designed to go into an auto shutdown mode, according to Buscher, but when it was coming down the drone crashed into the SWAT team's armored vehicle.
The Government Accountability Office (GAO) studied the increasing use of drones in 2008 and cited the loss of control of one of these vehicles as a major concern. Increasing use of drones for domestic surveillance within U.S. borders has raised significant privacy concerns, with the EFF suing to find out who the Department of Transportation has authorized to control drones within the U.S.

image: http://vanguarddefense.com/

Article first published as Police Surveillance Drone Crashes Into SWAT Truck on Technorati.

FCC Requests Public Comment on When Police Should Be Able to Shut Down Cell Service

The FCC issued a Request for Public Comment (pdf) last week on whether and when police should be able to shut down cell and Internet service. The New York Times discusses the BART incident in San Francisco, and whether the FCC even has the right to weigh in on the issue:
“Our democracy, our society and our safety all require communications networks that are available and open,” he said. “The F.C.C., as the agency with oversight of our communications networks, is committed to preserving their availability and openness, and to harnessing communications technologies to protect the public.” 
Among the issues on which the F.C.C. is seeking comment is whether it even has authority over the issue. The public notice asks for comment on whether the F.C.C. itself has legal authority over shutdowns of wireless service and whether it can pre-empt local, state or federal laws that prohibit or constrain the ability of anyone to interrupt service.

Illinois Judge: It is Legal to Audio Record Police Interactions

A judge in Illinois has ruled that the controversial eavesdropping law is unconstitutional because it is too far reaching. From the ArsTechnica article:
The eavesdropping law prohibits citizens from making audio or visual recordings of others without every recorded person's explicit consent. Sixty-year-old artist Drew audio-recorded his interaction with a police officer who was arresting him for selling art patches at the side of the road. A police officer found the tape recorder and Drew found himself with a Class 1 felony charge, which carries up to 15 years in prison. “That's one step below attempted murder,” Drew said in a January interview with the New York Times.
One of the most interesting stories related to this is from 2010, when a motorcycle rider with a helmet cam was arrested for posting a YouTube video of a plainclothes police stop:

Monday, March 5, 2012

Google's Vision of the Future: Privacy Isn't Mentioned

Eric Schmidt, speaking at the opening ceremony of the Cebit trade show in Hanover, Germany, apparently painted an amazing picture of the future, according to PCWorld:
holographic telepresence, self-driving cars, automatic translation and the widespread deployment of 1Gbps Internet access over optical fiber, bringing transnational peace and communication to all.
What wasn't mentioned was how privacy would be managed in this future state, which would be an especially important point to cover when Google's recent privacy policy changes have been called a violation of EU law.

New Pepper Spray Gun

A vortex gun is a great example of technology that can be used for positive and negative applications. The gun can be used by firefighters to clear smoke from a hallway, or used to send tear gas over long distances:
The vortex gun fires rings that reach a high speed of 90 mph upon exiting the muzzle and travel at 60 mph over more than 150 feet. The rings revolve as they fly through the air, but remain calm within the interior — not unlike the eye of a hurricane — so that they can hold a cargo of nonlethal gas or electrically charged air right up until hitting a target.
A Wall Street Journal article on the effects of pepper spray.