Governments are exercising more and more control over individuals using financial systems and communications systems.
We spend most of our time here on communications. Here’s a look at how things are shaping up in the financial area:
Articles by Jim Harper 
Jim is the Director of Information Policy Studies at The Cato Institute, the Editor of Web-based privacy think-tank Privacilla.org, and the Webmaster of WashingtonWatch.com. Prior to becoming a policy analyst, Jim served as counsel to committees in both the House and Senate.
Follow @Jim_Harper
Fellow TLFer Julian Sanchez has written (twice) at Cato@Liberty on the big school-using-laptops-to-spy-on-kids case.
Indulging my contrarian habit, I’m taking a little bit of a different view, though not necessarily an inconsistent one. While it seems error to me that the school district issued laptops with a potentially invasive security system, failing to fully inform parents, I think a lot more facts have to come out before we reach legal conclusions.
I started to feel some contrary comin’ on when I read the lengthy commentary of a parent at the school, posted on a privacy colleague’s Facebook wall. Among other things, she said:
The minor in question is a truly bad kid. [cites supporting facts] He had broken two laptop computers and had been issued a loaner computer with the explicit instructions not to take it off school property. It disappeared from the school and when questioned he told the school it had been stolen from him. There is quite a bit of theft and laptops had been a target. The kids seemed to know about the security system in place, I didn’t know about it which I think was wrong — the school has apologized for this. The school activated the security system realized the computer was in use and the webcam took a still shot. The minor in question was sitting in front of the webcam, the rumor is with drugs. The photo was sent to the police which apparently was standard procedure for stolen property and not related to anything else.
Maybe the “drugs” were Mike & Ike’s candies. The plaintiff’s lawyer says so. (Consider the veracity of a kid explaining things to his parents and their counsel, though, and of a trial lawyer seeking to lead a class action.)
Sugar pills or not, if the laptop is AWOL from school—presumptively stolen—I don’t see that it would be unreasonable to use the security system to discover its location, and the camera to capture images of who is using it. If there are statutes that would prevent that, I think a court would find a way to avoid applying them, be it on the theory that the putative thief assumed the risk of being surveilled, unclean hands, or some other basis.
The reporting and commentary has been a little overwrought. Better facts will determine what law should apply. Parents at the school have started a Facebook group to discuss this and share the rest of the story given that the school district has, well, lawyered up.
I tipped a reporter at an outlet I respect about this parent’s version of events. The reporter was alternately dismissive of sources that weren’t “official” and highly defensive when I suggested that her writing and reporting appeared to be preserving controversy rather than getting to the bottom of things. So much for relying on media—even new media—for getting information out.
Maybe spun-up outrage will cause better policies in this area than would otherwise result. Maybe we’ll learn that the security system was used for routine, inappropriate spying on kids. But as a legal case, there’s a lot more to be learned before we should draw conclusions.
Tim Lee points to “The Toyota Recall and the Case for Open, Auditable Source Code.”
Knowing how the technology in our cars work is not just a safety issue, but a privacy issue—and maybe even a tax issue.
From my undulating perch on an elliptical machine last night, I saw that CNN was broadcasting a strange roundtable event called “cyber.shockwave”—they occasionally displayed a subhead saying something like “you were warned.”
It was a group of (mostly) former Bush Administration officials sitting around making their pitch that we should be frightened about yet another menace and that our salvation is to run to the arms of government (especially if it’s controlled by their party). The CNN airing of it was illustration of how politics and public policy are collapsing together with entertainment—reality TV, specifically. The government “experts” were actors in a play dressed up as a newscast.
This post at “Crabbyolbastard Ruminates” captures my sense of what was going on. (“I see that we as a country are being led by blithering Luddites . . .”) As reported by Crabbyol’, the ideas they discussed included: pulling the plug on the Internet, pulling the plug on the cell phone networks, and nationalizing the telco and power companies.
D33PT00T tweets, cleverly, “ok my phn doesn’t work & Internet doesn’t work – ths guys R planning 2 run arnd w/ bullhorns ‘all is well remain calm!'”
Maybe it’s coincidence that Republicans dominated the scene. It was an event put together by the “Bipartisan Policy Center.” But that just goes to show that there is bipartisan agreement on one thing in Washington, D.C.: The government should control more of the society.
The U.S. federal government is not where the action is on “cybersecurity.” It is the responsibility of coders, device manufacturers, network operators, data holders, and ordinary computer users. The CNN broadcast of this event mislead viewers into thinking that cybersecurity is the government’s responsibility and that the government will lead any response to security failures.
Heaven help us if that becomes the reality.
If you have a mobile phone, that’s the upshot of an argument being put forward by the government in a case being argued before the Third Circuit Court of Appeals tomorrow. The case is called In the Matter of the Application of the United States of America For An Order Directing A Provider of Electronic Communication Service To Disclose Records to the Government.
In that case, the Obama administration has argued that Americans enjoy no “reasonable expectation of privacy” in their—or at least their cell phones’—whereabouts. U.S. Department of Justice lawyers say that “a customer’s Fourth Amendment rights are not violated when the phone company reveals to the government its own records” that show where a mobile device placed and received calls.
The government can maintain this position because of the retrograde “third party doctrine.” That doctrine arose from a pair of cases in the early 1970s in which the Supreme Court found no Fourth Amendment problems when the government required service providers to maintain records about their customers, and later required those service providers to hand the records over to the government.
I wrote about these cases, and the courts’ misunderstanding of privacy since 1967’s Katz decision, in an American University Law Review article titled “Reforming Fourth Amendment Privacy Doctrine“:
These holdings were never right, but they grow more wrong with each step forward in modern, connected living. Incredibly deep reservoirs of information are constantly collected by third-party service providers today. Cellular telephone networks pinpoint customers’ locations throughout the day through the movement of their phones. Internet service providers maintain copies of huge swaths of the information that crosses their networks, tied to customer identifiers. Search engines maintain logs of searches that can be correlated to specific computers and usually the individuals that use them. Payment systems record each instance of commerce, and the time and place it occurred. The totality of these records are very, very revealing of people’s lives. They are a window onto each individual’s spiritual nature, feelings, and intellect. They reflect each American’s beliefs, thoughts, emotions, and sensations. They ought to be protected, as they are the modern iteration of our “papers and effects.”
This is a case to watch, as it will help determine whether or not your digital life is an open book to government investigators.
I’ve written before about my dislike of “the cloud.”
The term implies that there aren’t specific actors doing specific things with data, which will tend to weaken people’s impression that they have rights and obligations when using or providing cloud services. We’re talking privacy problems.
When “cloud” services fail, the results can be widespread and significant. Think of cloud computing as a sibling of security monoculture.
TechDirt’s indefatigable Mike Masnick reminds us of this with a tweet today about hiccups in Google Calendar that may have prevented him getting on a conference call. He’s written once or twice about the cloud in terms of legal/discovery issues, privacy issues, and business/regulatory hurdles.
Remote computing is not going away, but it’s a fad that should fade over time. I think I hit the right notes in an earlier post where I said:
There will always be a place for remote storage and services—indeed, they will remain an important part of the mix—but I think that everyone should ultimately have their own storage and servers. (Hey, we did it with PCs! Why not?) Our thoroughly distributed computing, storage, and processing infrastructure should be backed up to—well, not the cloud—to specific, identifiable, legally liable and responsible service providers.
Over on the Cato@Liberty blog, I’ve written a piece grading the “high-value data sets” agencies released a few weeks ago on Data.gov. (Agencies are supposed to have “/open” sites up by tomorrow.)
The results? Four As, four Bs, seven Cs, eighteen Ds, and eight Fs. Take a look!
Last week, Harvard professor Lawrence Lessig visited the Cato Institute for a lunchtime talk he had sought through Julian Sanchez. Fellow TLFer Julian discussed the substance of the visit on the Cato@Liberty blog.
I discussed the real purpose of the visit as I interpreted it, and Professor Richard Epstein had a comment, too. He finds that Lessig is now, in fairness, a libertarian—if by “fairness” we mean “tit-for-tat.”
As I’ve detailed in a WashingtonWatch.com blog post, the president called for earmark transparency in his state-of-the-union speech tonight. A fact sheet put out by the White House goes beyond the president’s words to call for “a comprehensive, bipartisan, state-of-the-art disclosure database that allows Americans to examine the details of every proposed earmark before a vote is taken—one that is fully searchable and otherwise user-friendly.”
This is very good news for transparency coming out of the state-of-the-union speech. And I’ll be working to make sure that the good practices that take root in the earmark area branch out to other areas as well.
The Technology Liberation Front is the tech policy blog dedicated to keeping politicians' hands off the 'net and everything else related to technology.
WashingtonWatch.com: Over 100,000 Comments on One Bill
by Jim Harper on February 11, 2010 · 4 comments
It’s not the highest-toned debate the world of public policy has ever seen, but the WashingtonWatch.com discussion on Public Law 111-92, the Unemployment Compensation Extension Act of 2009, has now reached over 100,000 comments.
I’ve discussed the astounding level of commentary—and all the efforts to keep it civil—in a post on the WashingtonWatch.com blog.