Data in the “Cloud” Needs Fourth Amendment Protection

by on May 27, 2011 · 4 comments

“Cloud computing” is the term for applications that are handled by third-party software and storage on the Internet, like Google Docs and QuickBooks Online, as opposed to programs like Microsoft Word and Quicken, which you load and access from your PC.

Gmail and Hotmail were early examples of cloud computing. The cloud computing concept has since expanded to include popular applications like photo editing and sharing, money management and social networking. It also takes in the increasing number of cloud-based storage services, like Dropbox, which allows you to port documents from client to client, and Carbonite, which performs near real-time back-up of data and documents on your PC.

What most Americans don’t realize is that data stored in the cloud is not protected by the Fourth Amendment the way that same data is if stored on a PC, CD or detachable hard drive in the home. My op-ed in the Washington Times today outlines this problem, and points to a new bill in Congress, S.1011, introduced last week by Sen. Patrick Leahy (D-VT), as a big step toward closing this loophole. S.1011, also cited by Berin here, extends the due process provisions against illegal wiretapping in the existing Electronic Communications Privacy Act (ECPA) to personal data stored in data centers owned and operated by third parties.

As online services and applications evolve, it is critical that these due process protections extend to cloud services. Public cloud infrastructure, applications and platforms are growing at 25 percent per year, according to International Data Corp., a market research firm specializing in high-tech. IDC found that, as of year-end 2010, 56 percent of Internet users use webmail services, 34 percent store personal pictures online, 7 percent store personal videos, 5 percent pay to store files and 5 percent back up their hard drive to a website. These numbers are all expected to grow rapidly.

But this is about more than convenience or personal preference for data storage. Internet applications are becoming geared for the “cloud.” Cloud computing will be the easiest, cheapest and most efficient way users can access personal data on any device, in any location, at any time. It’s not simply an option in the way one chooses to manage data. Cloud computing is becoming necessary to go about one’s daily business. Legal protections need to be there.

SHARE: 4 comments

Financial Crises as Information Problems

by on May 25, 2011 · 0 comments

If you haven’t seen it already, be sure to give a read to Friedman Prize winner Hernando de Soto‘s recent piece in Business Week, “The Destruction of Economic Facts.” It’s a fascinating perspective on the economic and financial turmoil that is wracking the United States and the world.

As de Soto perceives more easily from working in developing economies, an important input into functioning markets is good information—about property, ownership, debts, and so on. The “destruction of economic facts” is one of the roots of instability and uncertainty in Europe and the United States, he says. “In a few short decades the West undercut 150 years of legal reforms that made the global economy possible.”

The law and markets are information systems, says de Soto:

The rule of law is much more than a dull body of norms: It is a huge, thriving information and management system that filters and processes local data until it is transformed into facts organized in a way that allows us to infer if they hang together and make sense.

If you’re interested in information and transparency, it’s worth a read.

SHARE: 0 comments

Sprint throws cellular backhaul in with the merger kitchen sink

by on May 25, 2011 · 7 comments

For CNET this morning, I write about the latest tempest in the AT&T/T-Mobile USA merger teapot: cellular backhaul or “special access” as its known in the industry.

Like a child sitting on Santa’s lap at the mall, Sprint CEO Dan Hesse included backhaul in his wish list of conditions he’d like to see attached to the deal.  Yesterday, Public Knowledge duly confirmed that yes, backhaul is a “multiplier” problem for the deal.

(Sprint says they would like the deal blocked, but that is mere posturing.  What they really want is to use the FCC’s bloated and unprincipled merger review process to sneak in as many private concessions for themselves as they can get.   And who can blame them for trying?  More on that in a moment.)

For those who don’t know, backhaul is the process of moving cellular traffic (voice and data) to other high-speed networks (traditionally landline copper but now including cable, fiber, microwave and local Ethernet) to transport them to their ultimate destination.  As mobile use increases, of course, the necessity of reliable, high-speed backhaul to keep overall performance up becomes more critical than ever.

Continue reading →

SHARE: 7 comments

Reform Sarbox To Galvanize High-Tech IPOs

by on May 24, 2011 · 5 comments

Last week’s blockbuster LinkedIn IPO valued the company at nearly $9 billion, surprising many investors, especially given the company’s initial valuation of about $4 billion. While some analysts have pointed to LinkedIn’s valuation as evidence that we may be headed into another tech bubble (a la 2000), it’s important to remember that major tech IPOs remain far less frequent in comparison to their heyday in the dot com boom. While there are many good reasons behind the recent reduction in IPO frequency, ill-conceived public policies have distorted the decision-making process of thriving startups.

In an op-ed in tomorrow’s Investor’s Business Daily, Jacque Otto and I elaborate on this argument:

Silicon Valley is teeming with budding startups whose user bases and valuations are skyrocketing. As these companies seek breathing room to grow, they will face a tough decision: stay private, seek out a buyer or go public.

Making this complex choice all the more challenging is government uncertainty. Filing for an initial public offering is harder than ever due to the onerous regulations and burdensome laws Washington has handed down over the past decade. Microsoft’s $8.5 billion purchase of Skype surprised analysts, many of whom had predicted Skype would seek an IPO or a deal with Facebook or Google.

Meanwhile, Facebook has kept quiet in face of speculation over whether it might file for an IPO. So far, the social networking giant has focused on raising capital privately. Given the risks of going public in this environment, Facebook’s decision is understandable.

While some tech firms — including LinkedIn, Kayak and Demand Media — have gone public or filed for IPOs in the past year, many others — including Hulu, Zynga, and Twitter — are reportedly leaning against going public this year. Some of these may be acquired, as happened with AdMob, a mobile advertising startup rumored to be pondering an IPO until Google bought it for $750 million in 2009.

Why do tech companies appear more reluctant to go public today than they were during the tech sector’s heyday of the early 2000s?

Continue reading →

SHARE: 5 comments

video & slides from Hill Briefing on Online Privacy Policy

by on May 24, 2011 · 1 comment

Last week, I spoke to a group of Capitol Hill staffers about the current debate over online privacy policy. The topic is red-hot right now with 6 major bills pending and plenty of international and state-based activity percolating. I offered the staffers an overview of these issues as well as an alternative vision for how we might handle privacy concerns going forward.

I have embedded the video of my briefing below and it can also be found on the Mercatus website here. And the slide deck I used that day can also be found down below or over on Scribd here.

Continue reading →

SHARE: 1 comment

Micah Sifry on government transparency and WikiLeaks

by on May 24, 2011 · 1 comment

On the podcast this week, Micah Sifry, co-founder of the Personal Democracy Forum, editor of techPresident.com, and author of the new book, Wikileaks and the Age of Transparency, discusses government transparency. Sifry talks about the various purposes of government transparency, technology’s effect on it, and bi-partisan competition that can promote it. He also discusses Bradley Manning’s case, the evolution of WikiLeaks, and the transparency, or lack thereof, within the WikiLeaks organization.

Related Links

To keep the conversation around this episode in one place, we’d like to ask you to comment at the web page for this episode on Surprisingly Free. Also, why not subscribe to the podcast on iTunes?

SHARE: 1 comment

video: Robert Corn-Revere on “The High Value of Low Speech”

by on May 24, 2011 · 0 comments

My good friend and mentor Robert Corn-Revere, a First Amendment attorney with the law firm Davis Wright Tremaine, gave a terrific talk on “The High Value of Low Speech” at a recent Reason Foundation event.  Bob is one of the greatest living defenders of freedom of speech and expression and his talks are always inspiring, informative, and entertaining. I recommend you check it out. The video is embedded below or can be found on the ReasonTV website here.

“All First Amendment cases are about the power,” Corn-Revere argues. “Who should have the power to tell individuals what to read, think, believe or feel?” He continues on to explain the recent history of controversial First Amendment jurisprudence — much of which he has been personally responsible for litigating — and explains why even “low speech” is worth defending if we cherish our speech rights.

 

 

SHARE: 0 comments

More on California’s New Net Regulations

by on May 23, 2011 · 1 comment

As Sonia Arrison mentioned here on Friday, the State of California is currently considering legislation that could, in the name of enhancing online privacy, impose burdensome new regulatory mandates on the Internet. Sonia has a nice column at TechNewsWorld discussing this. I also wrote about the same issue in my Forbes column this week, which is entitled, “The State of California Versus the Internet.” Specifically, I discuss SB 242, “The Social Networking Privacy Act,” and SB761, the so-called Do Not Track bill, and argue that: “What unifies these two measures is a general lack of understanding about the way the Internet and digital technology work. Both measures fail to appreciate the global nature of the Internet and would raise a host of unintended consequences.”

While the best of intentions drive these measures, they will be complicated to enforce in practice and could have a devastating impact on the California economy in the process. “If California wants to reestablish itself as the home of high-tech innovation,” I argue, “it needs to realize heavy-handed Net controls are not the ticket to either economic progress or job-creation.” Moreover, “These laws could be challenged in court since state-based regulation of the Internet raise constitutional issues. The Commerce Clause of the Constitution was designed to block the sort of parochial burdens on interstate commerce that these measures would establish.”

Jump over to Forbes to read the rest. Let’s hope California policymakers realize what a mistake they are making before it’s too late. If they don’t, Congress will need to preempt this regulation of interstate commerce if it’s not immediately challenged in Court and overturned.

SHARE: 1 comment

Super-injunctions: enforceable until they’re not

by on May 23, 2011 · 10 comments

There is a major controversy rocking the UK over the far-reaching press gag orders known as “super-injunctions,” especially because they’ve been brought to the fore by a sex scandal between famous footballer Ryan Giggs and reality TV star Imogen Thomas. (This blog post is now officially illegal in the UK.) In [my latest TIME.com Techland post](http://techland.time.com/2011/05/21/twitters-super-duper-u-k-censorship-trouble/), I explain the controversy and say that while the injunction is legally enforceable–Facebook has a London office with over 50 employees, and [today comes word](http://blogs.ft.com/fttechhub/2011/05/twitter-london/) that Twitter is starting up its UK operation–they are not practically enforceable because once out, the information cannot be controlled. I wrote:

>Controlling information is possible, but only at the margin and at great cost. As information technology advances, that margin at which information can be controlled gets thinner and thinner, and the costs of doing so become greater and greater. So given the apparent futility of keeping facts secret, you’d think officials would look to find better ways of confronting the new reality. That’s unfortunately not the case.

>“Why are we assuming that the world of communication, developing as rapidly as it is, can never be brought under control by other technological developments?” asked the head of the U.K.’s judiciary yesterday. “I am not giving up on the possibility that people who in effect peddle lies about others through modern technology may one day be brought under control.”

>And we should not forget to look in the mirror. While the U.S. has some of the world’s most extensive free speech and press liberties, it seems every week there is a new proposal to control what information can be published online.

SHARE: 10 comments

Privacy Solutions: How to Block Facebook’s “Like” Button And Other Social Widgets

by on May 20, 2011 · 21 comments

Social widgets, such as the now-ubiquitous Facebook “Like” button and Twitter “Tweet” button, offer users a convenient way to share online content with their friends and followers. These widgets have recently come under scrutiny for their privacy implications. Yesterday, The Wall Street Journal reported that Facebook, Twitter, and Google are informed each time a user visits a webpage that contains one of the respective company’s widgets:

Internet users tap Facebook Inc.’s “Like” and Twitter Inc.’s “Tweet” buttons to share content with friends. But these tools also let their makers collect data about the websites people are visiting. These so-called social widgets, which appear atop stories on news sites or alongside products on retail sites, notify Facebook and Twitter that a person visited those sites even when users don’t click on the buttons, according to a study done for The Wall Street Journal.

It wasn’t exactly a secret that social widgets “phone home.” However, the Journal’s story shed new light on how the firms that offer social widgets handle the data they glean regarding user browsing habits. Facebook and Google reportedly store this data for a limited period of time — two weeks and 90 days, respectively — and, importantly, the data isn’t recorded in a way that can be tied back to a user (unless, of course, the user affirmatively decides to “like” a webpage). Twitter reportedly records browsing data as well, but deletes it “quickly.”

Assuming the companies effectively anonymize the data they glean from their social widgets, privacy-conscious users have little reason to worry. I’m not aware of any evidence that social widget data has been misused or breached. However, as Pete Warden reminded us in an informative O’Reilly Radar essay posted earlier this week, anonymizing data is harder than it sounds, and supposedly “anonymous” data sets have been successfully de-anonymized on several occasions. (For more on the de-anonymization of data sets, see Arvind Narayanan and Vitaly Shmatikov’s 2008 research paper on the topic).

Continue reading →

SHARE: 21 comments

← Previous Entries

Next Entries →