Privacy, Security & Government Surveillance

TPW 41: Book Corner Featuring John Palfrey, author of Born Digital

by on February 9, 2009 · 21 comments

John Palfrey, co-author of Born DigitalOn this episode of “Tech Policy Weekly,” we’re launching a new format called “Tech Book Corner” that will feature occasional conversations with the authors of important new books about technology policy and the other issues that we debate frequently at the Tech Liberation Front blog.

On this debut episode of Book Corner, we are joined by John Palfrey, a professor of law at Harvard University and the co-director of the Berkman Center for Internet & Society at Harvard. Along with his Berkman Center colleague Urs Gasser, Prof. Palfrey has recently co-authored Born Digital: Understanding the First Generation of Digital Natives, which was published last summer by Basic Books and which you can find out more information about at www.borndigitalbook.com. [Incidentally, I reviewed Born Digital here last October and I also named it one of the most important technology policy books of 2008.]

Born Digital cover

In our discussion, Prof. Palfrey explains who exactly counts as a “digital native” and tells us why he decided to write a book about them. He discusses why he believes that there has been some overreaction by older generations to fears about this Digital Generation and he argues that we need “to separate what we need to worry about from what’s not so scary” and “what we ought to resist from what we ought to embrace.” He then outlines how we should think about these issues and concerns going forward, and he stresses the importance of “balancing caution with encouragement” as we do so. Finally, he then applies that framework to three specific issues: privacy, child safety, and copyright.

It’s an interesting conversation and you can begin listening to it immediately by downloading the MP3 file here or by just clicking the play button below!

[display_podcast]

SHARE: 21 comments

“Redress” = Due Process

by on February 9, 2009 · 15 comments

In discussions about data-intensive government programs like watchlists, people often talk about the importance of “redress” – giving the public some way to correct information or dispute adverse decisions arising from these programs.

“Redress” is a misnomer that diminishes the importance of the subject at hand. Constitutional Due Process is what’s at stake. So says the Ninth Circuit in the case of Humphries v. County of Los Angeles.

SHARE: 15 comments

Google’s Latitude and Privacy Concerns

by on February 7, 2009 · 31 comments

Google LatitudeGoogle’s latest major launch is “Latitude,” a geo-location service that lets users find friends on a digital map and then network with them. These services are often referred to as “LBS,” which stands for “location-based services.” I wrote about LBS here before in my essay on “The Next Great Technopanic: Wireless Geo-Location / Social Mapping.” As I pointed out in that piece, LBS raise privacy concerns with some people because, by their nature, these technologies involve the tracking of users.

But I’ve argued that those concerns are generally over-blown, especially because you have to download and opt-in to these services. In other words, you know what you’re getting into. Moreover, companies who offer these services, like Loopt and now Google, go out of their way to offer privacy safeguards. Indeed, even some privacy activists agree.

For example, Michael Zimmer of the School of Information Studies at the University of Wisconsin-Milwaukee, is someone who pays close attention to privacy issues and is often critical of Google and other companies for supposedly not paying enough attention to privacy concerns. In the case of Latitude, however, he argues that “Google Actually Got it (Mostly) Right.”  Here’s his snapshot of “what Google’s done to help give users control of their information flows in Latitude”: Continue reading →

SHARE: 31 comments

I Hate “Cloud Computing”

by on February 6, 2009 · 18 comments

I hate the term “cloud computing” because it denies the duties and responsibilities of network operators and software and database managers.

It’s like a George Carlin bit: “I didn’t breach the data. The cloud did it! It was out in the cloud! How did the government get my private data? It got it from the cloud. The cloud gave the government the data . . . .”

SHARE: 18 comments

Harper: One to Watch in 2009

by on February 5, 2009 · 7 comments

I’m pleased and humbled to have been named one of the Ars Technica/Tech Policy Central “People to Watch” in 2009. Along with my opposition to the REAL ID national identification scheme, they cite my work opposing the E-Verify national worker background check system (which would ultimately require a national ID).

Considering how the economic stimulus bill may be a vehicle for mandating broader use of E-Verify, the first thing you might see from watching me in 2009 might be an angry and disappointed advocate for liberty.

SHARE: 7 comments

DHS Privacy Committee Telephonic Meeting Today

by on February 3, 2009 · 4 comments

The DHS Privacy Committee meets at 1:00 p.m. (Eastern) today, via telephone, and you can listen in! From the Federal Register notice:

Members of the public are welcome to listen to the meeting by calling (800) 320-4330 and entering Pin Number 215132. The number of teleconference lines is limited, however, and lines will be available on a first-come, first-served basis.

SHARE: 4 comments

Book Review: Planet Google by Randall Stross

by on February 2, 2009 · 23 comments

Planet GoogleI finally got around to reading Planet Google: One Company’s Audacious Plan to Organize Everything We Know, by Randall Stross. It’s very well done. Stross is a frequently contributor to the New York Times and the author of several other interesting books on the technology industry. He knows how to weave a story together, and it helps that Google’s story is a pretty amazing one.

Each chapter discusses a different part of Google’s growing family of services — GMail, Google Maps, Google Earth, Book Search, and YouTube. Of course, it all started with search and Stross does a good job explaining how the ingenious Google search algorithm has grown from dorm room project to the greatest aggregator of human knowledge that the world has ever known. This, in turn, has powered Google’s hugely successful online advertising system. The real secret of their success with online advertising, Stross argues, is that “Google’s impersonal, mathematical approach search also provides you with the ability to serve advertisements that are tailored to a search, rather than to the person submitting the search request, whose identity would have to be known.”

Despite the benefits of such generally anonymous searching, as Google has grown and added new services and capabilities, concerns about the sheer volume of data that the company collects have led to heightened privacy concerns. Indeed, privacy is a core theme that Stross uses in the book to tie many of the chapters and issues together. Google is constantly struggling to strike the right balance between providing more access to the world’s information while also being careful not to raise privacy concerns. But it’s unclear exactly how much more information collection that users (or public officials) will tolerate before advocating stricter limits on Google’s reach.  As Stross points out:

Guided by its founding mission, to organize all the world’s information, Google has created storage capacity that allows it to gain control of what its users are you doing in a comprehensive way that no other company has done, and to preserve those records indefinitely, without the need to clear out old records to make way for new ones. Moreover, Google differentiates its service by refining its own proprietary software formula to mine and massage the data, technology that it zealously protects from the sight of rivals. This sets up a conflict between Google’s wish to operate a “black box” (completely opaque to the outside) and its users’ wish for transparency.

Continue reading →

SHARE: 23 comments

Cloning and Tracking Passport Cards and EDLs

by on February 2, 2009 · 601 comments

Via engadget, here’s a fun video showing how easy it is to pick up information from passport cards and “enhanced driver’s licenses.” (Enhancement is in the eye of the beholder, of course.)

These cards use RFID to broadcast information when properly interrogated, and this information can be used (at a minimum) to track people’s movements. Hacker Chris Paget demonstrates this and discusses the weakness of using RFID on people.

San Francisco ex-pats like myself will take special delight from the video as Chris drives past Red’s Java House at minute 1:56. Burger me – NOW!

And he would scrap WHTI. I’ll have one of those too.

http://www.youtube.com/v/9isKnDiJNPk&color1=0xb1b1b1&color2=0xcfcfcf&hl=en&feature=player_embedded&fs=1

SHARE: 601 comments

Administration Delays E-Verify for Federal Contractors

by on January 30, 2009 · 9 comments

The Washington Post reports that the Obama administration is delaying the Bush Administration plan to require federal contractors to use the E-Verify worker background check system.

Criticizing the move, Lamar Smith (R-TX), ranking minority member on the House Judiciary Committee says, “It is ironic that at the same time President Obama was pushing for passage of the stimulus package to help the unemployed, his Administration delayed implementation of a rule designed to protect jobs for U.S. citizens and legal workers.”

E-Verify may well have been designed or intended to protect jobs for citizens and legal workers, but that’s not at all what it would do. I wrote about it in a Cato Policy Analysis titled “Electronic Employment Eligibility Verification: Franz Kafka’s Solution to Illegal Immigration” (a ten-year follow-on to Stephen Moore’s “A National Id System: Big Brother’s Solution to Illegal Immigration“):

A mandatory national EEV system would have substantial costs yet still fail to prevent illegal immigration. It would deny a sizable percentage of law-abiding American citizens the ability to work legally. Deemed ineligible by a database, millions each year would go pleading to the Department of Homeland Security and the Social Security Administration for the right to work.

Even if E-Verify were workable, mission creep would lead to its use for direct federal control of many aspects of American citizens’ lives. Though it should be scrapped, the longer E-Verify is delayed the better.

SHARE: 9 comments

“Publicacy”? How About “Publicity”?

by on January 28, 2009 · 8 comments

Scott Cleland is nothing if not interesting. And I was interested by a post he has up this morning: The Growing Privacy-Publicacy Fault-line – The Tension Underneath World Data Privacy Day.

Today is World Data Privacy Day. You can tell by the demonstrations and fireworks displays in capitals around the world. (ahem)

I’ll be speaking at a Dialogue on Diversity Internet privacy briefing on Capitol Hill this afternoon, in case you’re interested and have time.

But Scott’s point – privacy is in tension with the “publicacy” ethos of the Web 2.0 world – I think it’s a very interesting point.

My differences with him are two.

The first is semantic: I think the word he should use is “publicity.” It has the benefit of already being a word – and it’s capable of being pronounced as well!

The second, and more important, is where the ethos comes from: It’s a demand of people – not the Web 2.0 set, but all people.

Privacy and publicity are two sides of the same personal-information coin. People want some information to be kept private – we know that. But they have at least equal or greater demands to make information public – to give it publicity. This is why restaurants and bars are open, curtainless rooms. It’s why email, blogs, Flickr, Facebook and other social networking sites are popular.

The reason why privacy is sought-after and its twin “publicity” is ignored, is because publicity is the default. The laws of physics mean that information about you is automatically displayed when you walk on the street. Photons of light bounce off your body and convey personal information to the photo-receptors (or “eyes”) of people around you.

The ‘physical’ laws of the Internet are similar. You have to ‘publicize’ your IP address to have any contact with another on the Internet. You have to publicize lots of identity, biographical, and other personal information to have any meaningful contact with others on the Internet.

But imagine a world where privacy was the default and information did not naturally travel to others. People would demand publicity. Poeple would demand to be seen and remembered, to have details about their lives recounted by others.

Publicity is not an incursion on social norms being perpetrated by Google and other Web 2.0 types. Web 2.0ish things are a response to the broad implicit demand for publicity. Oh, it’s implicit to the point of contradictory: People say they want privacy even as their actions betray their longing for publicity.

The trick is for people to figure out how to give themselves publicity in the things they want known, and to maintain privacy in the things they don’t. That’s a problem that will most likely be solved by the passage of a few generations, when the technologies that are new today are familiar, and when people have reset their personal information practices and their expectations.

SHARE: 8 comments

← Previous Entries

Next Entries →