Posts tagged as:

Will Making Cameras “Click” Again Stop Digital Voyeurism?

by on January 27, 2009 · 21 comments

I’m intrigued by this new bill that Rep. Peter King has introduced to prevent video voyeurism. H.R. 414, the “Camera Phone Predator Alert Act” finds that “children and adolescents have been exploited by photographs taken in dressing rooms and public places with the use of a camera phone.”  To remedy this problem, King’s “Phone Predator Alert” bill would require that:

any mobile phone containing a digital camera that is manufactured for sale in the United States shall sound a tone or other sound audible within a reasonable radius of the phone whenever a photograph is taken with the camera in such phone. A mobile phone manufactured after such date shall not be equipped with a means of disabling or silencing such tone or sound.

In other words, cameras would have to get noisy again!  Old timers will recall the days when our cameras were noisier than a box of rocks. Today’s digital cameras and camera phones, by contrast, are increasingly silent, but that also opens up the door to potential abuse by some creeps out there. While I don’t believe there’s evidence pointing to a national epidemic of digital voyeurism, there’s no doubt that some people — including many youngsters — are having their privacy invaded in this fashion.

I find King’s solution at once to be both ingenious and futile. It’s ingenious in that, if we could truly force it upon everyone, it might actually go along way towards solving this problem. The noisy camera would again act as the prime deterrent to such an act.

Continue reading →

SHARE: 21 comments

Nuts & Bolts: Everything You Wanted To Know About Cookies But Were Afraid To Ask

by on January 27, 2009 · 16 comments

As a means of introducing myself to TLF readers, this is an article that I wrote for the PFF blog in September that has not been previously mentioned on the TLF. Most of my other PFF blog posts have been cross-posted by Adam Thierer or Berin Szoka, but I’ve taken ownership of those posts so they appear on my TLF author page.

This is the first in a series of articles that will focus directly on technology instead of technology policy. With an average age of 57, most members of Congress were at least 30 when the IBM PC was introduced in 1981. So it is not surprising that lawmakers have difficulty with cutting-edge technology. The goal of this series is to provide a solid technical foundation for the policy debates that new technologies often trigger. No prior knowledge of the technologies involved is assumed, but no insult to the reader’s intelligence is intended.

This article focuses on cookies–not the cookies you eat, but the cookies associated with browsing the World Wide Web. There has been public concern over the privacy implications of cookies since they were first developed. But to understand them , you must know a bit of history.

According to Tim Berners Lee, the creator of the World Wide Web, “[g]etting people to put data on the Web often was a question of getting them to change perspective, from thinking of the user’s access to it not as interaction with, say, an online library system, but as navigation th[r]ough a set of virtual pages in some abstract space. In this concept, users could bookmark any place and return to it, and could make links into any place from another document. This would give a feeling of persistence, of an ongoing existence, to each page.”[1. Tim Berners-Lee, Weaving The Web: The Original Design and Ultimate Destiny of the World Wide Web. p. 37. Harper Business (2000).] The Web has changed quite a bit since the early 1990s.

Today, websites are much more dynamic and interactive, with every page being customized for each user. Such customization could include automatically selecting the appropriate language for the user based on where they’re located, displaying only content that has been added since the last time the user visited the site, remembering a user who wants to stay logged into a site from a particular computer, or keeping track of items in a virtual shopping cart. These features are simply not possible without the ability for a website to distinguish one user from another and to remember a user as they navigate from one page to another. Today, in the Web 2.0 era, instead of Web pages having persistence (as Berners-Lee described), we have dynamic pages and “user-persistence.”

This paper describes the various methods websites can use to enable user-persistence and how this affects user privacy. But the first thing the reader must realize is that the Web was not initially designed to be interactive; indeed, as the quote above shows, the goal was the exact opposite. Yet interactivity is critical to many of the things we all take for granted about web content and services today.

Continue reading →

SHARE: 16 comments

The “GPS Tax,” e-Health & the Privacy Implications of Tech Upgrades for Government Monopolies

by on January 21, 2009 · 13 comments

Just before the New Year, Mike Masnick reported:

It’s been well over five years since we first heard about a plan in Oregon to attach GPS devices to cars and tax drivers based on how much they drove and the idea hasn’t become any better in the intervening years… but apparently it’s still being pushed. Oregon’s governor is trying to move forward with the plan.  One of the reasons behind the bill has nothing to do with a more efficient way to tax drivers, but because the state is gaining less revenue from its gas tax since there are more fuel-efficient cars on the roads these days. Of course, rather than reward drivers for driving more fuel efficient cars, this sort of tax punishes them, and actually encourages the use of less fuel efficient vehicles. And, of course, that doesn’t even begin to get into the potential (and likely) privacy problems brought about by any system whereby the government has full access to a GPS system on your car.

This is a great example of the problems that often arise when trying to bring into the digital age areas of the economy monopolized or dominated by government.  There’s a clear (if imperfect) analogy here to Obama’s ambitious goal of digitizing health records:  both are great ideas that raise special privacy concerns because of the heavy involvement of government.  These privacy concerns are certainly not unwarranted:  I wouldn’t want the government to have access to my car’s location or my medical history at any given moment or a complete record of where I’ve driven or what doctors I’ve seen.  But just as relying on paper health records is clearly stupid (and dangerous), it would make a hell of a lot more sense for drivers to pay for road use depending on “where, when and how far they drove”—as in a small pilot project in the UK.

Today, state and Federal taxes on every gallon of gasoline are intended to serve two conflicting purposes—but do a poor job with both.   Continue reading →

SHARE: 13 comments

The Most Important Number for Technology Policy in 2009

by on January 8, 2009 · 19 comments

Is $1,200,000,000,000.00.  That’s the expected 2009 Federal budget deficit.  Since the current Federal debt is estimated at a “mere” $10.6 trillion, this means that we’re expected to add nearly 9% in a single year to a debt accumulated over 233 years (since 1774).  This number also amounts to more than 8% of the U.S. economy. 

So what does this have to do with technology policy?  To start with, this figure comes from Congressional Budget Office estimates, which “don’t account for the huge economic stimulus bill Obama is expected to propose soon to try to jolt the economy.”  So, while the Obama team has talked about big “public works” and “infrastructure” spending (which used to be called, variously, “make-work,” “pork barrel” and “corporate welfare”), there’s sure to be huge pressure not to waste more taxpayer money on top of this staggering figure.  Whatever blame Bush deserves, Obama probably doesn’t want to go down in history as the man who finally caused the U.S. government to default on its unmanageable debt burden.

One certainly could make an argument that the kind of technology-related “infrastructure” stimulus Obama has talked about (e.g., broadband subsidies) would be less of a waste of money than, say, simply building more bridges (as Japan did in the 1990s, its “lost decade”) or other reflexively Keynesian responses.  But even so, I suspect that the total amount of funding made available for such projects won’t be anywhere near enough to satisfy the technology policy Left.  

This could result in increased pressure on the Administration to increase regulation of the technology sector in order to implement tech-leftist ideas about “protecting” users’ privacy, promoting media diversity or “fairness”, mandating net “neutrality,” “opening up” spectrum, etc.  Such  proposals might seem attractive precisely because they generally wouldn’t require increased Federal expenditures other than the cost of hiring more bureaucrats (which means more government employee union jobs anyway—hardly a bad thing for Democrats)—while the economic consequences of such proposals for companies and consumers will probably surely be trivialized.  For example, if the advocates of government control at the so-called “Free Press” can’t get universal broadband, they’ll probably press that much harder to cripple online advertising and traffic management by ISPs, just to name two popular bogeymen.obamas-new-new-deal

One might think that a sharp economic decline would cause policy-makers to think twice before undermining the business models that have supported IT innovation and real infrastructure investment.  But one has only to look at the policies of FDR’s first two terms to see how even an amiable, soft-spoken president elected on a mantra of change and “uniting” the nation in a time of crisis could consistently choose to place “Reform” (i.e., increased regulation) over “Recovery” (i.e., the health of the economy)—with devastating economic consequences.

Continue reading →

SHARE: 19 comments

Latest Lichtman podcast on privacy, Sec. 230, online liability

by on December 2, 2008 · 2 comments

Last month, I noted that UCLA Law School professor Doug Lichtman has a wonderful new monthly podcast called the “Intellectual Property Colloquium.” This month’s show features two giants in the field of tech policy — George Washington Law Professor Daniel Solove and Santa Clara Law Professor Eric Goldman –- discussing online privacy, defamation, and intermediary liability. More specifically, in separate conversations, Solove and Goldman both consider the scope of Section 230 of the Communications Decency Act of 1996, which shields Internet intermediaries from liability for the speech and expression of their users. Sec. 230 is the subject of hot debate these days and Solove and Goldman provide two very different perspectives about the law and its impact.

Goldman calls Sec. 230 “pure cyberspace exceptionalism” in the sense that it breaks from traditional tort norms governing intermediary liability. But he argues that this new online version of intermediary liability (which is extremely limited in scope) encourages more robust speech and expression than the older, offline version of liability (which was far more strict). I completely agree with Eric Goldman, but I respect the arguments that Lichtman and Solove raise about the privacy and defamation problems raised by the purist approach that Goldman and I favor.

Goldman also does a nice job dissecting the Roomates.com and Craigslist.com cases. And Lichtman brings up the JuicyCampus.com case during the conclusion. These are important cases for the future of Sec. 230 and online liability. Incidentally, there’s also an interesting conversation between Lichtman and Solove (around the 32:00 mark) about an issue that Alex Harris and Tim Lee have been raising here about the nature of online contracts and the perils of messy EULAs / Terms of Service (TOS).

These are two absolutely terrific conversations. Very in-depth and very highly recommended. Listen here.

[Note: I recently reviewed Daniel Solove’s important new book, Understanding Privacy, here.]

SHARE: 2 comments

Beware the Era of Financial Regulation and its Spillover onto Tech Companies

by on November 25, 2008 · 7 comments

Remember being in grade school when a classmate’s rabble rousing would ruin it for everybody, and the teacher would hold back the class from going to recess? The other students would moan and groan and justifiably feel that punishing the entire class for one person’s misdeeds was unfair. This is what I fear for the tech industry, due to the trouble-making of the financial crisis.

If politicians turn their gaze from the financial sector to tech in 2009, they will likely focus on the issue of personally identifiable information (PII) and privacy. And here’s why.

Now is a tenuous time for all markets.  Our politicians are looking to reassure Americans by regulating areas of the economy where there’s minimal regulation and a perceived lack of transparency. Rightly or wrongly, there’s a perceived lack of transparency in the collection and use of a user’s online data. And the following overarching trends and recent events could combine to further a pro-regulatory privacy agenda in 2009:

  • Criminal Abuse: The Federal Trade Commission estimates that as many as 9 million Americans have their identities stolen each year. Increasingly, identity thieves use online phishing scams to deceive consumers. Phishers and other online criminals exist because more and more of us are in the pond—we store and access our personal and sensitive data online.
  • Private Abuse: The lack of transparency surrounding the failed experiment with NebuAd’s deep packet inspection behavioral tracking by some ISPs.
  • Private Use: The collection of user information is at the center of the web-delivered content and social media that helps define the Web2.0 economy. According to the Interactive Advertising Bureau, Internet advertising revenues for the first six months of 2008 were $11.5 billion, a 15.2 percent increase over the first half of 2007. Search histories and stored cookie profiles help create a user dossier that ad companies use to display specific ads, and to help generate the more than $120 billion in online retail sales expected this year.
  • Market Power: The DOJ investigation of the Google and Yahoo deal based on the market power of Google creates a big brother stigma on all online data collection practices.

Continue reading →

SHARE: 7 comments

Book Review: Blown to Bits by Abelson, Ledeen, & Lewis

by on November 18, 2008 · 20 comments

Blown to Bits coverI’ve just finished reading Blown to Bits: Your Life, Liberty, and Happiness After the Digital Explosion, by Hal Abelson, Ken Ledeen, and Harry Lewis, and it’s another title worth adding to your tech policy reading list. The authors survey a broad swath of tech policy territory — privacy, search, encryption, free speech, copyright, spectrum policy — and provide the reader with a wonderful history and technology primer on each topic.

I like the approach and tone they use throughout the book. It is certainly something more than “Internet Policy for Dummies.” It’s more like “Internet Policy for the Educated Layman”: a nice mix of background, policy, and advice. I think Ray Lodato’s Slashdot review gets it generally right in noting that, “Each chapter will alternatively interest you and leave you appalled (and perhaps a little frightened). You will be given the insight to protect yourself a little better, and it provides background for intelligent discussions about the legalities that impact our use of technology.”

Abelson, Ledeen, and Lewis aren’t really seeking to be polemical in this book by advancing a single thesis or worldview. To the extent the book’s chapters are guided by any central theme, it comes in the form of the “two basic morals about technology” they outline in Chapter 1:

The first is that information technology is inherently neither good nor bad — it can be used for good or ill, to free us or to shackle us. Second, new technology brings social change, and change comes with both risks and opportunities. All of us, and all of our public agencies and private institutions, have a say in whether technology will be used for good or ill and whether we will fall prey to its risks or prosper from the opportunities it creates. (p. 14)

Mostly, what they aim to show is that digital technology is reshaping society and, whether we like or it not, we better get used to it — and quick!  “The digital explosion is changing the world as much as printing once did — and some of the changes are catching us unaware, blowing to bits our assumptions about the way the world works… The explosion, and the social disruption that it will create, have barely begun.” (p 3)

In that sense, most chapters discuss how technology and technological change can be both a blessing and a curse, but the authors are generally more optimistic than pessimistic about the impact of the Net and digital technology on our society. What follows is a quick summary of some of the major issues covered in Blown to Bits.

Continue reading →

SHARE: 20 comments

Bogus Privacy Fears over Google Flu Trends

by on November 16, 2008 · 16 comments

Declan McCullagh, CNET News’ chief political correspondent, does a nice job debunking the privacy fears about Google Flu Trends that a couple of pro-regulatory privacy advocates have set forth. Flu Trends is a very cool application that uses search terms as an indicator of possible upticks in flu-related illnesses in various regions of the U.S.  Of course, it didn’t take long for some Chicken Littles to rain on the parade with their irrational fears about data privacy. As Declan notes, however, there is no personally identifiable information being collected or shared here. It’s just search term analysis. Moreover, if these privacy-sensitive advocates are really that paranoid about it, they should just just Tor or another anonymizer to cloak their searches instead of calling in the regulators to suffocate another technology while its still in the cradle.

Anyway, make sure to read Declan’s excellent piece.

SHARE: 16 comments

NYT Article on Age Verification & Schools

by on November 15, 2008 · 4 comments

In a big post two months ago entitled “Age Verification Debate Continues; Schools Now at Center of Discussion,” I noted that there has been an important shift in the age verification debate: Schools and school records are increasingly being viewed as the primary mechanism to facilitate online identity authentication transactions. I pointed out that this raises two very serious questions: Do we want schools to serve as DMVs for our children? And, do we want more school records or information about our kids being accessed or put online?

Brad Stone of the New York Times has just posted an important article with relevance to this debate. In it, he points out that:

performing so-called age verification for children is fraught with challenges. The kinds of publicly available data that Web companies use to confirm the identities of adults, like their credit card or Social Security numbers, are either not available for minors or are restricted by federal privacy laws. Nevertheless, over the last year, at least two dozen companies have sprung up with systems they claim will solve the problem. Surprisingly, their work is proving controversial and even downright unpopular among the very people who spend their days worrying about the well-being of children on the Web. Child-safety activists charge that some of the age-verification firms want to help Internet companies tailor ads for children. They say these firms are substituting one exaggerated threat — the menace of online sex predators — with a far more pervasive danger from online marketers like junk food and toy companies that will rush to advertise to children if they are told revealing details about the users.

Continue reading →

SHARE: 4 comments

Book Review: Solove’s Understanding Privacy

by on November 8, 2008 · 24 comments

Solove Understanding Privacy book coverWith the publication of Understanding Privacy (Harvard University Press 2008), George Washington University Law School professor Daniel J. Solove has firmly established himself as one of America’s leading intellectuals in the field of information policy and cyberlaw.  Solove had already made himself a force to be reckoned with in this field with the publication of important books like The Future of Reputation: Gossip, Rumor, and Privacy on the Internet (Yale University Press 2007), The Digital Person: Technology and Privacy in the Information Age (NYU Press 2004) and his treatise on Information Privacy Law with Paul M. Schwartz of the Berkeley School of Law (Aspen Publishing, 2d ed. 2006).  But with Understanding Privacy, Solove has now elevated himself to that rarefied air of “people worth watching” in the cyberlaw field; an intellectual — like Lawrence Lessig or Jonathan Zittrain — whose every publication becomes something of an event in the field to which all eyes turn upon release.

Like those other intellectuals, however, my respect for their stature should not be confused with agreement with their positions.  In fact, my disagreements with Lessig and Zittrain are frequently on display here and, we have been critical of Solove here in the past as well. [Here’s Jim Harper’s review of Solove’s last book, with which I am in wholehearted agreement.]  In a similar vein, although I greatly appreciate what Prof. Solove attempts to accomplish in Understanding Privacy — and I am sure it will change the way we conceptualize and debate privacy policy in the future — I found his approach and conclusions highly problematic.

Continue reading →

SHARE: 24 comments

← Previous Entries

Next Entries →