Tag Archives: Privacy

What a buzz-kill

Of course by now everyone in the social networking space is aware of the Google Buzz privacy issues and the corrective steps Google has taken. Not to beat up on Google, but this was a totally avoidable mishap. All Google needed to do was keep in mind one simple rule that inevitably invites disaster when ignored:

Always ask first!

If you look at many of the recent public relations debacles such as the Buzz rollout and the recent Kindle 1984 flap, companies got in trouble for taking actions that they assumed the customer would be OK with. Then, when it turned out that customers were, in large numbers, not OK with it, they had to scramble to make amends.

And as I always say, “when you assume you make an ass out of U and, well U”.

Planes, trains, and genitalia

Would you expose your genitals to a complete stranger just to get on an airplane? That is no longer a hypothetical question as plans move forward to install scanners in major airports. And this article should disabuse you of any notions that the privacy and dignity violations won’t get abused. They already have.

Images of your total body in graphic detail will be taken. Those images will be viewed by at least one total stranger. Those images can also be stored, printed, and distributed despite any reassurances you will be given.

Really, how many indignities is too many? When is enough enough? How about random cavity searches? If we don’t push back now that is surely next.

Hit them where it hurts; boycott any airports that put these things in, starting with Heathrow.

It’s all in the asking

Bob Blakely is getting a lot of attention lately for this post about a report that he and Ian Glazer wrote on privacy. On the one hand I completely agree with him that privacy is a social rather than a technical issue (which is why I have never been that interested in concepts like the minimal disclosure tokens and identity oracles).

But I feel that Bob and Ian give too much emphasis to how your personal information is handled after it has been disclosed rather than to the issue of not asking for it to be disclosed in the first place. In other words, no one can abuse private information if they don’t have it in the first place.

Obviously some information needs to be disclosed to drive the required social interactions. But today there is too much information being asked for and I feel that is also a serious violation of privacy. Let me give you an example, following Bob’s Dr’s office example. Suppose you take your child for a check up and the pediatrician asks your child:

Has your daddy ever slept with another man?

You would be appalled at that for several reasons. First, it is not remotely relevant to your child’s check up, and second, it’s none of his business. Even assuming the Dr would scrupulously keep secret the answer, he shouldn’t even ask the question. I think we can all agree on that. But what if he asks your child:

Is there a gun in your house?

Now how do you feel about that? How is that any different? This is not a hypothetical question either, but a regular screening question asked today by pediatricians across the country. The American Academy of Pediatrics has instructed your pediatrician to routinely screen for household gun ownership because some irresponsible people have left loaded guns where children could get them, and they feel your privacy as a parent has no value. Further, they are instructed to ask your children, not you, for this information.

And that is just one of many examples where we are asked to divulge personal information beyond what is needed for the social interaction. At the point of asking the privacy is already being violated regardless of what happens to that information later.

Gender, ZIP code, and birth date

This story from the Electronic Frontier Foundation highlights research that indicates that someone’s true identity can often be determined with just the person’s gender, ZIP code, and birth date. According to the CMU study there is an 87% chance that your gender, ZIP code, and birth date are unique.

What is interesting about this is that this kind of data is routinely included in medical records that have been stripped of other personally identifying information (PII) to comply with HIPAA.
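One way to measure this risk on a data set before releasing it is to count how many records are alone in their (gender, ZIP code, birth date) group. This is an added example, not part of the original post; the records are constructed sample data and the coarsening shown (3-digit ZIP, birth year only) is an illustrative assumption.

```python
from collections import Counter

# Constructed sample of "de-identified" records: (gender, ZIP, birth date).
RECORDS = [
    ("F", "15213", "1971-03-14"),
    ("F", "15213", "1971-08-02"),
    ("M", "15213", "1971-03-14"),
    ("M", "15217", "1984-11-30"),
    ("M", "15217", "1984-01-09"),
    ("F", "15232", "1990-06-21"),
    ("F", "15232", "1990-06-21"),
    ("M", "15232", "1971-02-17"),
]

def exact(rec):
    """Quasi-identifier exactly as stored: gender, full ZIP, full birth date."""
    return rec

def generalized(rec):
    """Coarsened quasi-identifier: gender, 3-digit ZIP prefix, birth year."""
    gender, zip_code, dob = rec
    return (gender, zip_code[:3], dob[:4])

def class_sizes(records, key):
    """Number of records sharing each quasi-identifier value."""
    return Counter(key(r) for r in records)

def unique_fraction(records, key):
    """Share of records that are the only member of their group.

    These are the records an outsider could link to a named person using
    a second data set that carries the same three fields.
    """
    sizes = class_sizes(records, key)
    return sum(1 for r in records if sizes[key(r)] == 1) / len(records)

def k_anonymity(records, key):
    """Smallest group size; k = 1 means at least one record stands alone."""
    return min(class_sizes(records, key).values())

if __name__ == "__main__":
    for name, key in (("exact", exact), ("generalized", generalized)):
        print(name, unique_fraction(RECORDS, key), k_anonymity(RECORDS, key))
```

On this sample, six of the eight records are unique on the exact fields, while the coarsened fields leave every record in a group of at least two.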

Thin red line

This is a rather disturbing story about how police in Idaho are increasingly using forced blood sampling in drunk driving incidents. While the goals are laudable, reducing drunk driving, the violation of personal privacy should be unacceptable to our society.

Apparently the Idaho Supreme Court has approved of the policy, indicating that they need to go back to remedial law school and brush up on “unreasonable search”.

Good point, bad example

Identity Woman is talking about the chilling nature of the new everything is recorded society. She makes the good point that this Participatory Panopticon may have the effect of making people afraid to speak their mind. But she could not have picked a worse example in Van Jones.

Van Jones did not resign because of an unguarded moment between friends. There was no purloined letter. No surreptitious cell phone video. Van Jones is no Michael Phelps.

He was forced to resign because of very public statements that he made intentionally to specific audiences for specific political aspirations. Those statements are now viewed as damaging to the political aspirations of his boss so he must go.

Presenting one face to a group of constituents while presenting a different face to others is much harder under the rules of the participatory panopticon.

That’s not a bug, it’s a feature.

Cool stuff, in twenty years

Felix Gaehtgens calls Microsoft onto the carpet about what it is ever going to do with U-Prove. Kim Cameron responds here with a call for patience. Both make good points, but I fear that as interesting as U-Prove is, it is way too far ahead of the market.

There are two reasons for this. First, it is patent encumbered technology. Patent encumbered technologies fare very poorly in today’s market. After a few high profile patent fights, any technology that is patent encumbered is treated like nuclear waste by most vendors. Even if Microsoft adopts fair licensing terms it becomes a “get a lawyer first” barrier to adoption. In twenty years this won’t be a problem (so long as Microsoft doesn’t file for any more patents on related aspects).

Second, it solves a problem that the market doesn’t really care about today (although they should). This is the same problem that the notion of an Identity Oracle has. You haven’t heard much about that idea recently and for good reason. There is just no money to be made with it (yet). The use cases usually trotted out for both of these are typically edge conditions, my favorite being the RU/18 one. It’s like the Hello World of Identity.

The only people who REALLY care if you are over 18 when you buy something are your parents and the government.

In today’s world there are two privacy problems, under sharing and over sharing. Under sharing is when you have to fill out the same stupid questionnaire at every new doctor’s office you visit. Now that is an issue that people care about. I know they care about it because non-computer people complain to me about it often.

Over sharing is when you have to put your home address in to register for something even though shipping isn’t required. I almost never hear anyone complain about that and those that do just put bogus addresses in anyway. Maybe in twenty years the average person will care enough about privacy to worry about over sharing. But not today.

So U-Prove will be cool stuff in twenty years. Maybe.

Your doctor, the IRS, and you

One of the more unfortunate ramifications of the proposed healthcare reforms is that it will inject the IRS into your relationship with your healthcare provider. As John Stossel points out:

Cornell law school professor William A. Jacobson writes that under both the House and Senate plans, the IRS will serve as the enforcer of the rules against individual taxpayers. Doctors will have to report to the IRS the names, addresses, Social Security numbers and coverage periods of their patients.

Both current versions of the legislation slap a 2.5 percent tax on anyone not covered by medical insurance, so the IRS involvement seems inevitable.

Do you really want the IRS involved in your healthcare?

Is Google the new Halliburton

One of the creepier aspects of the previous administration was the perceived influence of companies such as Halliburton. Is Google the Halliburton of this administration? Is it a company that is perceived to have undue influence in how the government conducts business?

That feeling comes across in this article about the government reconsidering its use of cookies:

Some privacy groups say the proposal amounts to a “massive” and unexplained shift in government policy. In a statement Monday, American Civil Liberties Union spokesman Michael Macleod-Ball said the move could “allow the mass collection of personal information of every user of a federal government website.”

Personally I have never liked the broad banning of cookies on government sites. It seems to reduce the usability of web sites for little gain in privacy. Especially now that most recent browsers have a “porn mode” there doesn’t seem much need to maintain the ban.

But there is a perception that Google is driving this change. That is not a good thing.

Browsers anonymous

This is an interesting bit about building anonymity into the internet. Unfortunately this article tends to conflate privacy and anonymity.

When people talk about anonymity they usually fail to distinguish between real anonymity and granted anonymity. For instance my ISP could grant me anonymity using one of the schemes discussed in the article. Or I could pay cash to use an internet café computer. In the former my anonymity only lasts so long as my ISP protects it. It is granted and ephemeral. In the latter case my anonymity is real to the extent of my ability not to reveal personal information as I browse.