Category Archives: Privacy

Are y’all getting all these notices about privacy?

privacy

I guess it has something to do with the spectacle of Mark Zuckerberg, all dressed up like Daddy, looking stiff and uncomfortable, like he’s about to have a tooth pulled, in front of first Congress, and now the European Parliament.

Maybe it’s something else. But now it seems every company that I do any sort of business with is falling all over itself sending me notices about its privacy policies.

I suppose I’d know more what it’s about if I read one of them, but I’ve never read anything like that in the past, and I’d just as soon have a tooth pulled myself as start now.

My own privacy policy, which I’ve had ever since we switched from typewriters to mainframes in 1980, is this: “Don’t type anything into a computer that you don’t want to see published for all the world to see.” This was based on bitter experiences with the messaging function we had built in to that mainframe, sort of a forerunner of the text and the IM. We no longer had to shout our “witticisms” across the newsroom; we could privately send them to a chosen recipient. Which meant the comments might take on an edge you would avoid if saying it aloud.

But it only took one or two times of accidentally sending the message to the person the wisecrack was ABOUT to break me of that habit. “Ah, yes… ha, ha… That was a JOKE, you see, one I thought only you would appreciate. Ha-ha-ha!…”

Also — the storage on that entire mainframe system was probably far less than 1% of what you have on your phone. So, in order for the system to keep working, a couple of tech guys had to go into the system every night and delete everything extraneous, including that day’s messages — which they had to call up and look at individually.

Eventually, they got tired of reading the messages between this one woman and man who were carrying on a torrid adulterous affair, using the system as a primary means of communication. And someone had to speak to them. And everyone heard about it.

Hence my rule.

The rule became exponentially more critical when computers became connected to the internet.

Yeah, I suppose I might slip and do something indiscreet one day, but in the meantime I’ve generally managed to stay out of trouble with my policy.

Anyway, are y’all getting these emails, too?

Apple against our duly constituted authorities

In a Tweet on Friday, I put it as plainly as I could in 140 characters:

And since then, I’ve not seen a word that even comes close to justifying the outrageous position taken by Tim Cook. There was certainly nothing in his public letter that excused his behavior.

Probably the most outrageous part of the letter is when Cook essentially condescends to say the FBI’s intentions are no doubt quite honorable, and that Apple has cooperated with authorities (when Apple approved of how it was being asked to help), but the poor, simple creatures just don’t understand what they’re asking now. Fortunately we have the unelected wise men of Apple to countermand the requests of our duly constituted law enforcement authorities.

And I’ve seen quite a bit to confirm me in my view of the matter. Such as this piece today in the WSJ:

Apple was asked to adjust its software that wipes iPhones clean after 10 failed passwords, to enable the FBI to find the password. Prosecutors want this only for Farook’s phone, to “mitigate any perceived risk to Apple iOS software as to any other Apple device.” The local agency that employed Farook owns the phone and wants Apple’s help. “The user was made aware of his lack of privacy in the work phone while alive,” prosecutors note.Apple_Logo_Png_06

There’s no risk to encryption and the dead terrorist has no privacy rights. So what is Apple trying to protect?

The answer, according to the Justice Department, is a “business model and public brand marketing strategy.” Apple admitted as much last year in explaining to a federal court in Brooklyn, N.Y., why it refused to unlock the iPhone of a methamphetamine dealer. The company had unlocked some 70 iPhones in criminal cases since 2008, so the judge was surprised by its sudden refusal.

Apple’s lawyers explained that customers are so concerned about government access to data that compliance with court orders would “substantially tarnish the Apple brand.”…

Yeah, I bet the families of those murdered by the phone’s owner sit up nights worrying about poor ol’ Apple’s brand.

You want to improve your brand? How about not selling me a phone set to destroy all my data after 10 failed passwords?

I’ll anticipate my libertarian friends’ arguments and say you’re right — I don’t understand the technology. And maybe the fact that I don’t believe Apple when it says it can’t crack one phone without making all iPhones immediately insecure makes me an ignoramus. But I don’t believe it. And even if I did, I would consider granting Apple the power to choose which court orders it will obey to be far too high a price to pay for having an unhackable phone….

Terrorists able to hide their communications? Thanks, Edward Snowden!

This one is for those you who think Edward Snowden’s betrayal of his country (“Betrayal of his country?” What a quaint concept! How droll! This old guy is really out of it!) did no harm.

Of course, Snowden fans won’t be bothered by it, thanks to the pied piper effect he has on privacy fetishists. They’ll still think it’s a good thing. But it isn’t.

Here’s what’s going on:

Senate Intelligence Committee leaders are vowing to explore ways to grant more government access to secure communications, after intelligence outfits failed to pick up on direct chatter between the perpetrators of the Paris attacks.

Lawmakers said it was time to intensify discussions over what technology companies such as Apple and Google could do to help unscramble key information on devices such as Iphones and apps like WhatsApp, where suspected terrorists have communicated. Those companies made changes last year to their smartphone operating systems preventing the companies themselves from accessing that information…

“It is likely that encryption, end-to-end encryption, was used to communicate between those individuals in Belgium, in France and in Syria,” said Senate Intelligence Committee Chairman Richard Burr (R-N.C.), following a closed-door briefing for committee members on Tuesday. “It’s a wake-up call for America and our global partners that globally, we need to begin the debate on what we do on encrypted networks, because it makes us blind to the communications and to the actions of potential adversaries.”…

Makes sense. The idea of allowing terrorists to privatize their use of public bandwidth so that they can kill innocents is an outrage, and fortunately one that is easy enough to address — technically, anyway. But there’s a rub, and you probably already know what it is:

Previously, the government could issue a warrant to force tech companies to cough up data from its users. But following the Edward Snowden leaks, and a heightened sense of privacy from the public about the government’s access to personal information, companies began clamping down….

Sure, there are other obstacles, such as Silicon Valley’s greed: As The Wall Street Journal reports,  the problem is “technology companies that sell products based on the promise that corporate data will be secure from hackers and government surveillance.” But politically, I believe that could be overcome, leaving the ridiculous attitude that Snowden has engendered in this country as the main problem.

If we can overcome that, we’ll have taken an important step back toward sanity in our security arrangements.

 

 

Didn’t we all have a right to know Lubitz’ condition?

Right now, it’s leading most national and international news reports:

Which got me to thinking….

In our society, we make quite a fetish of medical privacy. Which makes me wonder — if we were all more open about our health conditions, including our psychological conditions, and didn’t have a legal climate that made disclosing patient information a cardinal sin for providers, might it prevent tragedies such as this one?

I’m not saying I have any idea how to bring that about — it’s so ingrained in us as a significant value. And true, it’s not every day that a pilot deliberately flies a plane full of people into a mountain.

It’s just an idle thought, and probably a complete non sequitur

Columbia’s big CCTV expansion

Smile for Big Brother, Columbia:

 The Columbia Police Department will more than double the number of locations around the city that are equipped with surveillance cameras paid for with public money.

Chief Skip Holbrook said officers are working with Statewide Security Systems, a private company, to coordinate camera installation at 80 new sites. The company already works with the city on 70 locations equipped with 250 cameras.

The current 250 cameras are in Columbia’s entertainment districts or along major business corridors, Holbrook told City Council in a written report.

The new sites stretch across the city from eastern to western and southern to northern boundaries. Cameras are being installed in the Harbison retail district, along Broad River Road, in north Columbia, along Huger and Assembly streets, along Devine Street east of Five Points and along stretches of Two Notch and Garners Ferry roads….

The key element is that the new cameras, like the old cameras, are to be “located in places where people have no reasonable expectation of privacy.” Unlike say, in your shower at home.

Nevertheless, some will object. But you know I won’t. I love Big Brother, a fact which I hope you’ll find occasion to mention next time you’re in front of one of these devices…

As Orkut fades, Facebook gets so full of itself that it starts using us as lab rats

473px-Logo_ORKUT.svg

Two stories today from the realm of social media.

First, the biggest social media platform that you never heard of is shutting down. That’s Google’s Orkut. Never heard of Orkut. That’s OK; it was sort of the Boxcar Willie of social media — it was huge overseas, if not here:

Google’s oldest social network, Orkut, is finally saying the long goodbye. On Monday the Orkut blog announced that Google will end support for the decade-old service on Sept. 30. If you’ve ever used Orkut, it’s time to trudge to Google Takeout—sometime before September 2016—and get your data out of there….

When Orkut gained Google Plus integration in 2012, it seemed like a sign that the end might be coming. But if you never used Orkut and aren’t feeling a wave of nostalgia, it’s because the service was never that big in the United States. In Brazil and India, on the other hand, it was a most-trafficked website for years. Now YouTube and, of course, Google Plus will be Google’s social focus. At least in death Orkut probably won’t be the butt of everyone’s mid-2000s jokes. Ahem, Myspace.

Orkut was actually started a month before Facebook. But what a different fate! Facebook has now become so big, so sure of itself, that it thought it could get away with conducting psychological experiments on its users without telling them. From The Guardian:

Facebook’s second most powerful executive, Sheryl Sandberg, has apologised for the conduct of secret psychological tests on nearly 700,000 users in 2012, which prompted outrage from users and experts alike.

The experiment, revealed by a scientific paper published in the March issue of Proceedings of National Academy of Sciences, hid “a small percentage” of emotional words from peoples’ news feeds, without their knowledge, to test what effect that had on the statuses or “likes” that they then posted or reacted to.

“This was part of ongoing research companies do to test different products, and that was what it was; it was poorly communicated,” said Sandberg, Facebook’s chief operating officer while in New Delhi. “And for that communication we apologise. We never meant to upset you.”

The statement by Sandberg, deputy to chief executive Mark Zuckerberg, is a marked climbdown from its insistence on Tuesday that the experiment was covered by its terms of service. The secret tests mean that the company faces an inquiry from the UK’s information commissioner, while the publishers of the paper have said they will investigate whether any ethics breach took place. Psychological tests on human subjects have to have “informed consent” from participants – but independent researchers and Facebook have disagreed on whether its terms of service implicitly cover such use…

In case you doubt whether Facebook is really, really sorry, check out this photo of Ms. Sandberg shrugging. Which may or may not reassure you…

Aw. Maybe you should have added “Mom,” “Apple Pie,” and “George Washington” to the bill’s name

Why not throw in George Washington?

Why not throw in George Washington?

This happened in Washington this morning:

The House passed a bill Thursday aimed at reforming the National Security Agency’s bulk collection of phone records, a policy that came to light due to documents leaked by former NSA contractor Edward Snowden.

The bill, known as the USA Freedom Act, would shift responsibility for retaining telephonic metadata from the government to telephone companies. Providers like AT&T and Verizon would be required to maintain the records for 18 months and let the NSA search them in terrorism investigations when the agency obtains a judicial order or in certain emergency situations. The bill passed on an 303 to 121 vote.

But privacy advocates, technology companies and lawmakers warned that the version of the bill passed by the House was watered down to the point where they could no longer support it.

“This is not the bill that was reported out of the judiciary bill unanimously,” said Rep. Zoe Lofgren (D-Calif.), a member of the House Judiciary Committee who was a co-sponsor of the initial version of the bill. “The result is a bill that will actually not end bulk collection, regrettably.”…

Aw. Gee. Too bad. Although not really, since there was never anything wrong with bulk collection to begin with.

Maybe the problem is with the way you framed the bill, starting with the name. Maybe “USA” and “Freedom” didn’t give it enough oomph. Maybe you should have added “Mom” or “Apple Pie.” Or “George Washington,” or “Fourth of July.”

Do people have no shame whatsoever in naming these things? In what way is “USA” or “Freedom” descriptive of this bill? Yeah, I know the privacy worrywarts consider mining metadata to be a threat to their liberties, yadda-yadda. But a bill designed to do the opposite could make just as good a case that they are the ones defending liberty.

Of course, their “just as good a case” would still be lame and wrong. When we talk about national security or defense, we often say it’s in the service of “freedom,” as a sort of catchall term for “something in the service of the country.” But often, these things that we justify in the name of “freedom” are perfectly justifiable in the names of other completely legitimate, and actually descriptive, aims. Such as, you know, security. And defense.

Take the “Patriot Act.” It was a counterterrorism bill. You could have called it a lot of things, including an anti-compartmentalization bill, as it scrapped some traditional security measures limiting the flow of information in the name of avoiding another 9/11. But that wouldn’t have been very catchy.

But why not come up with something catchy that actually has something to do with the bill? Like the “Remember 9/11 Act.” And if you’re one of the privacy advocates who favors this more recent legislation, why not call it the “Big Brother Act?” Or, I suppose, “Anti-Big Brother Act.” Since you hold to the ridiculous, hyperbolic notion that this program goes beyond 1984 levels of intrusion. Or name it the “Snowden Act,” since that’s whose wishes and worldview you’re kowtowing to.

Or simply, the “Privacy Act.” That should be a big seller.

As for “USA” — every act that comes out of the Congress is a “USA” act, sort of by definition. How generic can you get?

Anyway, I’d have more respect for some of these bills if they showed more respect for the language…

Another one of those privacy messages that I don’t read

This morning, in her column for tomorrow (that still confuses me; I don’t think any other major columnist in the country writes columns that appear online so long before they do in print), Peggy Noonan was waxing deeply concerned about my privacy, or her privacy, or someone’s (I didn’t read the whole thing; in any case, if it’s someone else’s, it is by definition none of mine, right?):

What is privacy? Why should we want to hold onto it? Why is it important, necessary, precious?

Is it just some prissy relic of the pretechnological past?

We talk about this now because of Edward Snowden, the National Security Agency revelations, and new fears that we are operating, all of us, within what has become or is becoming a massive surveillance state. They log your calls here, they can listen in, they can read your emails. They keep the data in mammoth machines that contain a huge collection of information about you and yours. This of course is in pursuit of a laudable goal, security in the age of terror.

Is it excessive? It certainly appears to be. Does that matter? Yes. Among other reasons: The end of the expectation that citizens’ communications are and will remain private will probably change us as a people, and a country. ..

Later in the day, I got this email from some honcho at AT&T, addressed to me as the holder of a certain numbered account (and the number is none a yer damn’ bidness!):

Dear Valued Customer,

We know your privacy is important, so we’ve made it a priority to talk to you about it. We’re revising our Privacy Policy to make it easier to understand, and we want to point out two new programs that could help us and other businesses serve you better.

The first program will make reports available to businesses. These reports will contain anonymous information about groups of customers, such as how they collectively use our products and services. The second program will use local geography as a factor in delivering online and mobile ads to the people who might find them most useful.

As always, we follow important principles to keep your trust:

  • We are committed to protecting your privacy.
  • We provide you with privacy choices.
  • We will not sell information that identifies you to anyone, for any purpose. Period.
  • We are committed to listening and keeping you informed about how we protect your privacy.

The two new programs are described in this notice, including your privacy choices for each. You can also read the new and old versions of our privacy policy at att.com/privacy.

To provide feedback on the new policy, please write us in the next 30 days at privacyfeedback@att.com or AT&T Privacy Policy, 1120 20th Street NW, 10th Floor, Washington, DC 20036.

Sincerely,

Robert W. Quinn Jr.
AT&T
Senior Vice President – Federal Regulatory & Chief Privacy Officer

Whenever I see anything like that — something that intones, “We know your privacy is important…” — I’m like yes, I suppose so, if you say so, and don’t read further, and move on.

But I appreciated his caring so much. I wondered whether his concern had anything to do with the Snowden stuff. Don’t know. Don’t care.

And it strikes me as extremely ironic that this guy probably gets paid more money than I’ve ever been paid to do anything to worry more about my privacy than I do. I’m more concerned about the fact that today, for some reason, I keep getting myself into sentences that don’t have an elegant way out of them, such as the preceding one, and to a lesser extent this one…

Oh, wait, you know what’s really weird? That AT&T notice came through my ADCO email, not my personal email. I have an AT&T account at home, not through ADCO. Oh, well…

Big Brother doesn’t need NSA to know where you’ve been

Several of the most amazing things I’ve seen technology do in recent years are associated with Google Maps.

Such as the traffic feature.

Look at Google Maps on your phone, and you’ll see how well traffic is moving — or whether it’s moving at all — on the road ahead of you.

Google does this by — Edward Snowden and the ACLU should brace themselves at this point — keeping track of all the Maps-equipped phones traveling on the road. Not only that road, of course, but all roads, all of the time. In real time.

Now, we see that law enforcement can do, and does, something similar by tracking license plates:

The spread of cheap, powerful cameras capable of reading license plates has allowed police to build databases on the movements of millions of Americans over months or even years, according to an American Civil Liberties Union report released Wednesday.

The license-plate readers, which authorities typically mount along major roadways or on the backs of cruisers and government vehicles, can identify cars almost instantly and compare them against “hot lists” of vehicles that have been stolen or involved in crimes.

But the systems collect records on every license plate they encounter — whether or not they are on hot lists — meaning that time and location data are gathered in databases that can be searched by police. Some departments purge information after a few weeks, some after a few months and some never, said the report, which warns that such data could be abused by authorities and chill freedom of speech and association…

You have to pity the ACLU, Rand Paul, et al. They are doomed to worry themselves to death. Because this toothpaste is not going back into the tube.

I liked the way it was put in an explainer of the Google traffic function:

So how does Google know what traffic is like on the roads, nearly all the time? From our smartphones, of course. Whether you like it or not, “telephone companies have always known where your phone is,” Dobson says, because cell phone companies need to use location to appropriately charge customers for calls. That means the companies are constantly monitoring location based on the strength of signal to a cell tower, which allows the phone to switch towers as it travels. Since 2011, the Federal Communications Commission has also required that phones come with GPS, so between the triangulation with cell towers and the GPS requirement, your phone is a marked man….

Now, this has stirred up some controversy about whether the process is an invasion of privacy. But both Dobson and Zhan Guo, a transportation policy professor at New York University, nearly laughed when asked about privacy concerns. That ship has already sailed….

Indeed. One might as well laugh.

Some will say that a private company keeping tabs on your every move, for its own greater profit (and utility, of course) is preferable to the gummint doing so.

I don’t think either is necessarily preferable, just different. And either way, ultimately inevitable.

Gee, and I thought Edward Snowden was protecting me from these kinds of intrusions

Today, my wife got a call from the Target Red Card people, demanding to speak to me because of suspicious charges on the card.

She told them that if they were just noticing that charges had been made across several states in recent days, that it was fine; we had driven to Memphis and back in a short period of time.

She was informed in no uncertain terms that they did not care about her opinion regarding the validity of the purchases; they wished to speak to the primary card holder.

I am the primary cardholder for the simple fact that I made the mistake of filling out a form at the checkout at Target several years back. The young girl at the register asked me to fill out an application for a Target card. I said I might sometime, but I was in a hurry. She begged me to please apply for a card, because unless I did, she could not go on a break. So I filled out the application, and she went on her break.

I thought I was going to get one of those preferred-customer things that people keep on their keychains, which would entitle me to an occasional discount or something. I didn’t realize it would be a Visa card. I would never, ever have applied on my own for a credit card, because we had more than enough of them. And if we had set out to get another card, we’d likely have put it in my wife’s name, because she pays the bills. But this one came in handy. You do get discounts at Target for using it, so we kept it, because we all like Target at my house. My wife and one of my daughters (who was living out of state, and whom we wanted to have a backup for emergencies) each got one later.

At the time, I had two cellphones — one for work, one for personal. The personal one got on the Red Card account. At some point, we shuffled things around, and my wife ditched her old number, took my personal one, and I kept the work one. Hence the call today,

Anyway, I called the Red Card people a few minutes ago to see what they wanted. This took awhile, because I had to punch in the card number, followed by the last four digits of my Social Security number, which the recording claimed was NOT my SS number, but then when I entered all the very same numbers again, I was allowed to speak to a person. After several minutes of explanation, I was told in heavily accented English that everything appeared to be in order.

But please, the lady implored me — in the future, let them know if I leave town. You know, the way you do with a parole officer.

Then, she questioned me about my landline, which I explained that I got rid of a couple of years back. She expressed satisfaction that I was forthcoming with that information, so that they could fix that in their files, too.

Nothing like living in a world in which only the mean ol’ gummint pokes its nose into your comings, goings and communications…