Recently in Privacy Category

CNN.com had an article today that, while in no way dispensing any new information, is something that could be pretty useful for people who a) are brand new to social networking sites or b) have kids who are on or want to be on one.

"I don't want to have to worry about all the different online scandals and problems," says Brown, an education major at St. Joseph College in Connecticut. She'd like to control her personal information and keep it out of the hands of identity thieves or snooping future employers. "It's just common sense."

It sounds like her info is locked down and airtight. But is it?

Turns out, even the privacy-conscious Sarah Browns of the world freely hand over personal information to perfect strangers. They do so every time they download and install what's known as an "application," one of thousands of mini-programs on a growing number of social networking sites that are designed by third-party developers for anything from games and sports teams to trivia quizzes and virtual gifts.


The rest of the article is here, and if you fall into either of the categories I mentioned, you should totally check it out.

I feel the need, again, to make the point that nothing is free.  Not entirely.  If you want the neat applications and you don't want to pay for them they need to be supported by ads.  The ads are more effective and therefor more profitable if they are targeted based upon assumed interests and patterns of behavior.

So should you be careful?  Sure.  Should you whine and moan because your online activity is being tracked?  No, you should just stay away from sites and applications that do the tracking.
Posted to All | Facebook | Internet | MySpace | Privacy
Reuters has a story about how two major consumer groups want to have a "Do Not Track" list created by the FTC.  The list would let you tell the Web at large not to track your information for advertising purposes.

Two consumer groups asked the Federal Trade Commission on Tuesday to create a "do not track list" that would allow computer users to bar advertisers from collecting information about them.

The Consumer Federation of America and the Consumers Union also urged the FTC to bar collection of health information and other sensitive data by companies that do business on the Internet unless a consumer consents.

The call echoed those of other privacy advocates who filed statements with the FTC on Internet companies' use of "behavioral advertising." That is the practice of tracking a computer user's activities online, including Web searches and sites visited, to target advertisements to the individual consumer.


The main concern, and one we would agree with, is that certain, sensitive information not be tracked.  In fact, Andrew wrote an awesome post back on the 10th about a preemptive strike by members of the National Advertising Initiative.  They came up with a list of categories of information that would not be tracked by their ads.

I understand that people find having their digital purchases tracked.  I posted on it myself last week.

Seeing the article made me angry.  I actually got angry.  The sites that (usually) use the targeted ads (or any ads) are usually free to use.  If they aren't charging you a fee and they don't have ads on the site, how in the hell are they supposed to keep the lights on?  If you can tell me how someone is supposed to operate a service for free without advertising, let me know.  Ok, I know some of you are going to say "I don't mind ads but why do they have to track my activity?"  It's all about effectiveness.  A lot of sites get paid by the number of ads that are clicked.  That's why targeted ads are so popular.

If you don't want an advertising firm to see your information you have options -

1) As I mentioned in my post, DON'T VISIT SITES THAT USE TARGETED ADS!!!  No one is making you go to a website.  If you don't like a site's content do you have to go there?  No.  If you don't like the ads do you have to go there?  Same answer!

2) Clear your cache.  If you don't want your history tracked, how about you clear it out every once in a while?  It's like the goddamned V-Chip.  The tool is there, but because people don't want to learn how to use it they'd rather bitch and moan and have the F_C handle it for them (FCC in the case of V-Chip stuff, FTC if it has to do with our current topic).


It's just so maddening that people can't just grow up and take responsibility for themselves.  I feel like we're wasting tons and tons of time and money for something that people can take care of on their own if they'd take about a minute and a half to think about it.

Ok, sorry for ranting.  I'm going to go read about drunken celebs and see what's going on on the Twitter to try and bring back happy thoughts.

Posted to Advertising | All | FTC | Privacy

So I was looking at the Reuters this morning and saw an article that kind of annoyed me.  Not because of the reporting (top-notch) but because the article highlighted a lack of personal responsibility and a certain sense of entitlement that really bugs me.


Many people are uncomfortable with Web sites customizing content to people's personal profiles, according to a new survey.

"There's a creepy factor and a fear of the unknown that people don't want to deal with," said Michelle Warren, senior research analyst at Info-Tech Research Group in London, Ontario.

"The notion that there's a privacy issue in someone's email account hits a little too close to home for some," she added.

Nearly 60 percent of 2,513 people in the United States questioned in a Harris Interactive poll said they were uneasy when Web sites use information about personal online activity to tailor advertisements or content.

 

In a nutshell, the story related how a lot of people are uncomfortable with websites tracking their activity for the purposes of targeted advertising.  I understand that some people find it creepy, but it's nothing new. 


Posted to All | Internet | Privacy | Technology
In an ideal world, they could only hold your data for six months, according to recommendations of a European Commission advisory board, as noted by the BBC.


Search engines should delete personal data held about their users within six months, a European Commission advisory body on data protection has said.

The recommendation is likely to be accepted by the European Commission and could lead to a clash with search giants like Google, Yahoo and MSN.

Google and Yahoo anonymise user data after 18 months, while MSN does the same after 13 months.

The body said search companies were not clear enough on data protection.

...because they don't have to be. They also aren't clear on how data is aggregated, collected, and packaged for sale either.

Google said its privacy policy "strikes the right balance" between privacy, security and innovation.

Do they mean innovation in search, or innovation in selling ads? 


Peter Fleischer, Google's global privacy counsel, said in a statement: "Google takes privacy incredibly seriously; protecting our users' privacy is at the heart of all our products.

Is that why you index your users' email to provide them keyword-based ads, Mr. Fleischer? You mean security, not privacy. Privacy would mean that your systems don't scan every piece of mail to serve up contextual ads that have to do with the messages they're viewing. Privacy would mean that Google probably couldn't monetize nearly as much as it has. Privacy is the opposite of revenue for an operation like Google.


"It is the reason we were the first company to commit to anonymising our search logs, and also why we dramatically shortened our preference cookie lifetime."

Can we please stop using cookies as the be-all and end-all of privacy? Cookies are benign. You can set a short lifetime, but collect incredible loads of data with it. You can also collect cookies from other sites to see what your users are doing when they aren't on your pages. 

Red herrings all around. Six months should be good enough to satisfy privacy advocates and people who scream about terrorism and child pornography. Compromise works, eh?

The report also says that search engines should allow users to " access, inspect and correct all the personal data about themselves held by search engines, including their profiles and search history. "

I'm a bit confused as to what that means. Wouldn't law enforcement hate it if you could sanitize your search history? But, wouldn't there be a record of the correction? How would the company handle those records? The phrase "chasing ones' tail" comes to mind.

Now, will the U.S. consider a similar law? I wonder who will make the push for it, and how many dollars will be spent to lobby against it. 
Posted to EU | Google | Privacy

We missed something. Too much about the toy, not enough on the game.

I'm reading Alex's post about Western Union's new "send money by prepaid phone" service and I can't help but think there is an invitation for regulatory disaster here.

I've had to send money with Western Union once in 25 years, to a friend who was stuck in Michigan with maxed out credit cards from a ticket and impound lot, who needed cash to fill up his car and drive back east.

When I called Western Union, they asked me a whole bunch of questions to verify who I was. They had my addresses going back five years (even my college dorms) and I had to think back to remember my old home phone number growing up (301-229-9041) and even some details about my parents.

The beauty of prepaid phones, however, is that they offer some level of anonymity by disconnecting the phone number from an identity. This is useful for say, people who are whistleblowers or sources for journalists, or even for plain old privacy-minded people who are willing to pay a premium to not have a name associated with their phone.

Western Union, which discontinued their signature telegram service last year, now makes their money taking a cut of funds that people send using their network. Those remittances that enterprising immigrants send home (which are, incidentally a huge part of the global economy) make up a massive pool of funds. For instance, Ghana's economy recieved $4.5 Billion in remittances from abroad in 2005, a huge chunk of that country's GDP.

In the U.S. many undocumented/illegal immigrants get paid cash. They send this cash home via Western Union. No tax is paid at any point, except perhaps by WU. On the other hand, this is cumbersome because of the paper trail required. Let's go back to me trying to send $150 tp Michigan. They knew everything about me. I'm sure they collect just as much information on Joe Blow trying to send cash, because they've been an easy target for money laundering and other underhanded enterprises. They cover their butts.

Another thing, if sending money is going to be so easy domestically, isn't the Government going to want a cut, or want to watch the sums moving around from phone to phone? I'd like to see the privacy policy associated with this service. Is reloading my phone with minutes going to be as document-heavy as sending money? Will I have to fill out a form, or will I just be able to buy a "card" with cash, no questions asked? Can you see where this is going?

Now, if I buy a prepaid phone from this service, am I going to have to document myself the same way? What if this becomes more widespread? Could this new "feature" spell the end of the disconnection of number and identity?

If so, the prepaid phone market will be all but dead, except to those who have no other choice. What bothers me about it is that right now, I have a choice, and should continue to have a choice whether or not to be anonymous. I'm afraid that in their zeal to open a new market, Western Union could make it an attractive option for the Government to take that choice from me.

I hope not.

Posted to Bad Business Ideas | Mobile Phones | Privacy
DSC_0288.JPG

Brian Knapp is Chief Privacy Officer for loopt, the "mobile social networking" company recently promoted by Sprint-Nextel and Boost Mobile using those adds with people wearing fat suits floating in swimming pools. Knapp describes loopt as "a mashup of google maps and twitter..." (a thousand web 2.0 marketers heads just exploded, but he's pretty spot on, actually).
 
 We took advantage of some downtime here at TPS to talk about his service, why it's cool, semantic games like "tracking" versus "location sharing", and, most importantly, how entreprenerus and innovators with potentially controversial technologies can get out in front of the doomsayers, horror stories and local news anchors. I'm very impressed by "where he's at" on how tech entrepreneurs can deal with Washington. Finally, a company that has the right idea. 

Posted to Congress | Interviews | Privacy | Social Networking | Tech Policy Summit | Telecommunications | Wireless
Another great panel I got to late (since I was at the last one). 

Left to Right (picture to come)

Mozelle Thompson (host)
John Thomaszewski, VP Policy/Compliance, TRUSTe
Shawn Broderick, CEO, TrustPlus
J.R. Reagan, VP and Managing Director, Bearing Point

I walked in as Facebook came up, and the topic was liability for third party use of information you post, including a lawsuit where someone sued for using someone's likeness off of Facebook w/o permission. (Full Disclosure: Thompson is a consultant for Facebook). I'd note that Facebook's TOS lets them use your picture to promote them.

Of course, the discussion led to generational differences in sharing of information, my favorite topic, aka "audit trails." I asked the Panel the question that I've been asking for weeks now, in that whether or not these online "life audit trails" will be a problem and how to deal with them.

Also, who owns the data?

Both Thompson and Thomaszewski (who w/ TRUSTe certifies Facebook's privacy practices) noted that the Terms of Service and Privacy Policies need to gybe, and that a generational shift is needed to get people totally comfortable with as it was put, "more truth, all the time."

Good answers. 

I like Facebook, I like the people. I'm getting more convinced on their earnestness on privacy. I still want to know about Data Portability, but the more I hear about their privacy concepts, the more I trust them. 

There are some good things happening. I may be a skeptic, but they're bringing me around.

Posted to Facebook | Privacy
Yes, that magazine has noticed what I've been pointing out for a while, that your data on Facebook is theirs for the purpose of selling it to third parties, and they don't want you to have it back. 

I've repeatedly contacted them about the "where did the CSV export feature go?" issue and gotten silence, but now even The Economist has noticed that they keep you on the site to keep you looking at the data, and the ads.

The opening of social networks may now accelerate thanks to that older next big thing, web-mail. As a technology, mail has come to seem rather old-fashioned. But Google, Yahoo!, Microsoft and other firms are now discovering that they may already have the ideal infrastructure for social networking in the form of the address books, in-boxes and calendars of their users. "E-mail in the wider sense is the most important social network," says David Ascher, who managesThunderbird, a cutting-edge open-source e-mail application, for the Mozilla Foundation, which also oversees the popular Firefox web browser.

That is because the extended in-box contains invaluable and dynamically updated information about human connections. On Facebook, a social graph notoriously deteriorates after the initial thrill of finding old friends from school wears off. By contrast, an e-mail account has access to the entire address book and can infer information from the frequency and intensity of contact as it occurs. Joe gets e-mails from Jack and Jane, but opens only Jane's; Joe has Jane in his calendar tomorrow, and is instant-messaging with her right now; Joe tagged Jack "work only" in his address book. Perhaps Joe's party photos should be visible to Jane, but not Jack.

This kind of social intelligence can be applied across many services on the open web. Better yet, if there is no pressure to make a business out of it, it can remain intimate and discreet. Facebook has an economic incentive to publish ever more data about its users, says Mr Ascher, whereas Thunderbird, which is an open-source project, can let users minimise what they share. Social networking may end up being everywhere, and yet nowhere.

I'm going to give them another chance to tell me what happened to their "export contacts" feature and just come clean. Then I'm going to start talking about something I'm going to start using in the daily content here. It's a really cool technology.

It's going to let you interact with us in more ways than comments. It does everything Facebook does, but with more privacy and respect for the user. It's really, really cool and I'm a big believer in it. 

Wait.
Posted to Bad Business Ideas | Facebook | Privacy | Social Networking
...went off without a hitch. We talk about managing your reputation online, running for office, etc.


Posted to Privacy | Technology
Interesting note: Estonia has a national ID card which ties into an OpenID provider. Theoretically could be a framework for e-voting in America, and since OpenID is not centralized, you could have an OpenID for your state, local, work, etc identifications. No need for a national ID card for OpenID to allow real-world trust mechanisms to tie into online services.

Also, if no one realized it, Yahoo! already does alot of OpenID.

Pictures will be on the Flickr stream...

Panel:

George Fletcher - AOL OpenID architect
Andy Smith - Google
Simon Willison - Freelance OpenID Evangelist
David Recordon - Six Apart
Artur Bergman - Wikia

More later.

Posted to Privacy | SXSW | SXSWi
So, a chance encounter in the hallway at SXSW with Mark Zuckerberg yielded some interesting results.

A) He's actually far less BillG like in a conversation as opposed to watching on a stage. 

B) Not tone-deaf on privacy. After speaking with the guy, I can say that he does understand that  getting out in front of Washington is something that needs to happen, and that really, privacy is a priority at his shop. 

I'll be more impressed when I see it, but I'll give them a bit of the benefit of the doubt for now.
Posted to Privacy
Just heard a fantastic book reading by Andy Beal about online reputation. Yesterday, I wrote at length about the increasingly opt-in nature of privacy and how it could have implications for future generations who are the "early adopters." Beal's book, Radically Transparent, appears to have a really good handle on many of these concepts, and although it's geared more towards business should be a good read for anyone who creates their own content, maintains a profile anywhere, or contributes to discussions or communities. 

I hope to have Andy on a interview here in the near future. 

Plus, extra, extra, extra special guest next week. Trust me, this one is gonna be good.

Pictures and more as I upload them at Flickr

Posted to All | Privacy

Defining privacy

| | Comments (2) | TrackBacks (0)
There is no shortage of commentary on how the Internet will only become more important in campaigning, or how social networks will allow for more "transparent" life styles, and that keeping something private will be politically worse than total, Too Much Information style openness.

That's the crux of an exchange I had during a panel with Facebook's Adam Conner, who believes that it will, at some point , become more odd for a potential candidate for office to not be "totally vetted" by their own online audit trail than not, and that any attempts to restore one's own privacy will be treated with suspicion. 

I think Adam and I are on the same page with many of these issues. Growing up online, as I have, I've always understood that what I write or post or upload is, well, forever. It never goes away. Potential employers 20 years from now will probably read these words. I have a message for those employers of the future: Hire Me!

Seriously, though. Justice  Brandeis once said: 
"The makers of the Constitution conferred the most comprehensive of rights and the right most valued by all civilized men--the right to be let alone." 

I found his assertion that the lack of a trail or the attempt to reclaim privacy would be viewed more suspiciously than complete and totally openness to be quite troubling. I live an open lifestyle. My phone number, address, email address, etc are readily available to anyone who wants to contact me. I have had the same personal email address since 1998. I have very few secrets online. There are no embarrassing photos or rants or screeds that I would regret. Perhaps this is because I grew up in the Open Source culture on archived lists, and on USENET, archived by DejaNews.I'm used to not having privacy, in that sense. When I send someone an email, I know once I click send, it's gone. Forever.

On the other hand, what I don't think anyone, including panelists at Politics Online, has acknowledged, is that there are simply more places to give up your privacy now, and that very few people "lurk," or wait to speak until they understand the discussion in progress. 

There is also very little common 'net culture anymore. The geeks, academics, and scientists who once defined convention have been replaced by corporate interests, by design "experts" and yes, by user-created content. Nothing is wrong with user-created content. It all used to be user-created. But we could take it down, or keep it from being archived if we wanted to. Now, people don't know how to use robots.txt, and privacy controls are opt-in, not opt-out, if at all. Only Thunderbird lets you use an X-No-Archive header, and it's not easy. But I digress.

I guess the point is, those of us who remember privacy, remember that it was taught. Now it's just scaremongering. We don't tell our kids to what what they write because it's archived, we tell them to avoid sexual predators because that's what we see on TV. 

I don't have much of a USENET trail because I didn't let Dejanews keep my messages. What I had to say then, is what I had to say. It's not that I'm ashamed, it's that I wanted my record to be the record that I chose to leave. When I interview someone, if they say "off the record," the microphone goes off. We need an off switch, and we need to teach people to use it. Not out of fear, but out of respect.

With all the talk that I expect to hear at SXSW about kids online, user-generated content, etc, I doubt I'll hear a single word about teaching kids to opt out. Too much fear, not enough knowledge.

Does someone want to prove me wrong?

See you in Texas.
Posted to Internet | Privacy | Rants
and they've got their one long ball hitter...the news has already been reported, and the press release is out. Facebook has hired a COO, and not just any executive, it's Shoeless Joe Hardy Google's Sheryl Sandberg.

As COO, Sandberg will be responsible for helping Facebook scale its operations and expand its presence globally. Sandberg will manage sales, marketing, business development, human resources, public policy, privacy and communications and will report directly to Facebook's CEO Mark Zuckerberg.

Note the last three in her portfolio...Sean Garrett has some idea of what that means.

First off, before she was at Google, she was Chief of Staff to the U.S. Treasury Secretary under President Bill Clinton. She carried this DC experience to Google where she was one of the few executives there openly and actively involved in politics. 

So, does this mean that Facebook will get on offense and start to protect their own interests? At least the powers that be at Facebook know where to compensate for their weaknesses...she's got Washington experience, knows the game, and has actually graduated from Harvard. Twice.

One long ball hitter...



Posted to Lobbying | Politics | Privacy

Later we'll have details on a new Facebook privacy concern.

 

Possibly (hopefully) with comments from Drew Clark, Commissioner Adelstein and Professor Tim Wu.

Posted to All | Internet | Politics Online 2008 | Privacy

Of course, these lawsuits are consolidated into five before a judge in San Francisco, home of the Ninth Circuit, known for being ultra-liberal and oft-reversed. Let's assume that any of these cases are allowed to continue. Eventually they will be appealed to the Ninth Circuit, unless they are somehow moved to a more convenient (and conservative) location, such as the DC or Seventh Circuits...but we'll stick with the Ninth for now.

One of two things will happen:

  1. Either the Bush Administration will appeal to the Supreme Court, with Anthony Kennedy being the crucial vote, unless something unexpected happens and a non-hack like Scalia or Thomas has one of their occasional displays of backbone.
2.  Congress will intervene and grant the Telecoms retroactive immunity.


All discovery has been blocked so far by the administration's argument, still awaiting court resolution, that the suits are barred because they involve state secrets. What tantalizing clues about the surveillance have emerged so far have come from affidavits entered into the record by the plaintiffs.

If the AT&T case is allowed to proceed, for example, the plaintiffs will ask a judge to consider documents provided by a former AT&T technician, Mark Klein, that suggest a massive effort by the National Security Agency to tap into the backbone of the Internet to retrieve millions of e-mails and other exclusively domestic communications.

The government, in a brief before the U.S. Court of Appeals for the 9th Circuit in San Francisco, has denied the existence of any "dragnet" surveillance program. In the cases against the telecommunications firms, Justice Department attorneys have argued that merely to confirm or deny any "intelligence" relationship with AT&T or any company "could reasonably be expected to cause exceptionally grave damage to the national security."

Though the carriers have argued that they are barred from defending themselves against the allegations because of the government's invocation of the state-secrets privilege, at least one carrier, Verizon, has stated in regulatory filings that the cases against it are without merit.

Which one is it, Verizon? Immune, or without merit? That could be a problem if this goes further...
Posted to Politics | Privacy
With the Democratic-led House leading a shaky blockade against the Bush administration's plan (well, Bush and Sen. Jay Rockefeller (D-AT&T)) for telecommunications companies to receive retroactive immunity against lawsuits for their participation in any illegal warrantless wiretapping, many Republican lawmakers and candidates are wondering why there isn't more campaign cash flowing in from those same companies. Roll Call elaborates:

Like most corporate interests with a heavy stake in Congressional action, the major phone companies significantly boosted their contributions to Democrats last year after the party surged back into the majority.

But giving by that sector is getting special attention from Republicans now that the debate over the surveillance program is front and center -- and focused on the phone companies' role in aiding the Bush administration after the 9/11 terrorist attacks.

"It's quite discouraging," said one GOP leadership aide, referring to the disparity in giving from the telecommunications industry in light of the FISA debate, but also the broader lack of support for Republicans from the business community in general.

"These companies just won't do anything," the aide said. "Even when you have the Democrats working against their bottom line."


I love stories like this, especially since my Congressman, Rep. Chris Van Hollen (D-MD-8) is one of the leaders of the Democratic Congressional Campaign Committee, which has beat their GOP counterparts by $32 million dollars this cycle, and it's only March.

On the other hand, is it really true that Big Telecom has gone soft on the Republicans? It might be safe to say they're now acting like any smart business and hedging their bets. 

Of the four major phone companies, only Sprint is now favoring Democrats overall, giving the majority party about 57 percent of their PAC contributions, according to CQ MoneyLine.

The other three companies, AT&T, Verizon and Qwest, still give a majority to Republicans but by slimmer margins than in years past.

AT&T gave Democrats 38 percent of their PAC dollars last year, up 8 percentage points from the 2006 cycle; Verizon gave them 47 percent, up 10 percentage points from the last cycle; and Qwest gave them 49 percent, a 22 percentage-point boost over 2006, according to records from the FEC and CQ MoneyLine.

So, really the problem isn't that they're not donating, it's that they're donating more equally than they were before the 2006 elections, when there was a GOP lockdown on both chambers. 

Also, there is another issue in play here. Remember, Qwest never participated in the program, and doesn't care about retroactive immunity. What the three companies that still give majority GOP have in common is that they own the fiber backbones that make up the telephone network. Sprint, on the other hand, is not a backbone owner and instead relies on the other 3 to carry its' long distance wireline traffic, and pays a rate set by the FCC for the privilege. Remember, Sprint was always a long-distance reseller, never a Local Exchange Carrier. See the map:



While it's sexy to talk about wiretapping and immunity, the real battle is, as always, over "open access" and fees. Ed Markey (D-MA), Chairman of the House Energy and Commerce Subcommittee on Telecommunications and the Internet, held a hearing on this subject last fall, and after the conclusion of the 700mhz auction, I would bet on more hearings being held over the question of wireless "open access" fees.


Insider tip: the key person to watch on these issues isn't actually Rep. Markey, or even the E&C Chairman, Rep. John Dingell (D-MI). On open access and net neutrality issues, there is not expected to be much progress before this year's election. There is also a persistent buzz that when the 111th Congress convenes in 2009, the Energy and Commerce Committee may be chaired by Rep. Henry Waxman (D-CA) instead of Dingell. The current E&C Chairman, who at 53 years of service and counting, is the longest-serving member of the House, looks a bit long in the tooth to some Hill watchers. While Waxman is no spring chicken, he has a reputation as an "attack dog" and would be a worthy adversary for Big Telecom.

Stay tuned.

Posted to Congress | Election | FCC | Internet | Net Neutrality | Politics | Privacy

A U.S. Districts Judge went back on his decision to prohibit a website from posting bank records from various off-shore banks.  The initial deceision was based on a lawsuit filed by a Swiss Bank, Julius Baer.

 

Here are some of the details from Reuters.com

By Philipp Gollner

SAN FRANCISCO (Reuters) - A U.S. judge on Friday reversed his earlier ruling shutting down a Web site with private bank data from Switzerland's Julius Baer Holding AG.

U.S. District Judge Jeffrey White reversed his February 15 order after hearing arguments by attorneys from the American Civil Liberties Union and other free-speech groups that his decision amounted to unconstitutional prior restraint.

"There are serious questions of prior restraint and possible violations of the First Amendment," White ruled from the bench in his San Francisco courtroom.

"The court has serious questions whether those concerns raised before the court make the granting of the relief requested by the plaintiffs constitutionally appropriate," he added.

White ruled that Baer, based in Zurich, could continue with its lawsuit against the Web site, Wikileaks.org, and Dynadot LLC, the Web site's domain-name registrar. White had issued a permanent injunction on February 15 ordering Dynadot, based in San Mateo, California, to disable the Wikileaks.org domain.

Baer had sued Wikileaks and Dynadot earlier this month after the site posted documents including bank records of about 1,600 clients with accounts in a Baer subsidiary in the Cayman Islands.

 

So the ACLU is defending the consitutional rights of someone who is posting other people's bank records on the internet.  Maybe it's my immense lack of any sort of legal training or degree (remember, I am NOT a lawyer) but common sense would seem to agree with the original ruling, which I'll paraphrase below -

 

Don't publish bank records that aren't yours on the internet!

 

I was going to write more, but I'm quite frankly baffled.  The article goes on to say explain how Swiss banks are used as a haven for the wealthy looking to hide their money from the IRS.  It also mentions that the poster of the records is a self-proclaimed "whistle-blower."  That's all well and good, and maybe the use of Swiss and other off-shore banks to facilitate illegal activities should be put into the spotlight.  But placing private citizens' bank record on the web for quite literally the entire world to see is not the right way to do it.

 

Committing one crime to expose another just weakens your cause.  It sucks, but you need to stay within the law in order to enforce it.  Sure, the Batman lover in me says "The system doesn't always work.  Get the crooks by any means.", but this isn't Gotham.

 

As much as I'd love to see the "bad guys" get taken down I don't want a precedent set where anyone who gets a hold of my bank records (and it wasn't mentioned how the records were obtained) can post them for all to see.  Granted, it's because I have so little money that it would be painfully embarassing, but I think you all see my point.

 

If anyone wants to weigh in, please leave a comment.


Posted to All | Courts | Free Speech | Internet | Privacy
So one of my regular reads is the Google Blog. Recently, I've been writing about some of their entries, and it's been driving some traffic this way since they link to posts that link back to them.

Today around 10:30 am I read a post on Google Blog about their new Google Health product that described it and showed some screen shots. I thought "wow, that's a bad idea" and I so I took a lunch break, threw together my thoughts and posted them here on this site. The post went live at 12:00pm EST.

Now, I had been busy at work, but earlier (around 9:45am EST) I had checked the Google Analytics for the site and the visitor count was low since neither Alex nor myself had posted anything new since last night (2/27/07). Maybe an hour after I posted I went back and was a bit shocked, the visitor count had gone through the roof. I looked at the Google Blog, and out of all the links shown on the "Links to This Post" list, mine was the only one with a remotely critical title, "Google Health is Frightening." The rest were either simply linking or re-reporting with various degrees of fawning and praise going on. Yet, there was my post on how I thought it's a horrible idea, and that any doctor would be insane to use it, and that there were probably legal issues that hadn't properly been considered.  It was maybe the 5th link in the list.

Around 4:00PM EST I noticed the hit count slowing. I went back to the source (the original Google Blog post), and lo and behold, the post had every single link/trackback deleted.

Not only that, but they turned off the trackbacks for every single post on the blog, but didn't remove the presence of the feature from their front page template! Look! Straight-up cut-and-paste job from their front page as of 10:30PM EST:

Here is a screenshot deeper in the application:



We're proud of the product that we've designed and are continuing to build, but recognize that we are just at the initial stages of our "launch early and iterate" strategy. We look forward to the feedback we will receive from our Cleveland Clinic pilot, from all of you, and from the initial users of our service when we make it publicly available in the coming months.


Posted to Bad Business Ideas | Capitol Valley Media | Censorship | Free Speech | Google | Health Care | Privacy | Rants

That's right. Google wants to host your medical records. Last week they announced a partnership with a clinic in Cleveland, OH. Now they're talking more about the product itself. Here's the scoop from Google Blog:

 

  • Platform - One of the most exciting and innovative parts of Google Health is our platform strategy. We're assembling a directory of third-party services that interoperate with Google Health. Right now, this means you'll be able to automatically import information such as your doctors' records, your prescription history, and your test results into Google Health in order to easily access and and control your data. Later, this platform strategy will mean that you will be able to interact with services and tools easily, and will be able to do things like schedule appointments, refill prescriptions, and start using new wellness tools.


  • Portability - Our Internet presence ultimately means that through Google Health, you will be able to have access and control over your health data from anywhere. Through the Cleveland Clinic pilot, we have already found great use-cases in which, for example, people spend 6 months of the year in Ohio, and 6 months of the year in Florida or Arizona, and will now be able to move their health data between their various health providers seamlessly and with total control. Previously, this would have required carrying paper records back and forth. With Google Health, the user can simply import the data from each medical facility and then choose to share it with the other facilities. It's advances in data portability like this that we think can really make a difference in the quality of healthcare. The clearer and more comprehensive the information regarding your health becomes, the better your care will be.

I'll be clear. I like Google. I think they mean well. They've got a ton of smart people there. On the other hand, the idea that my medical records are stored somewhere central, indexed and made available to anyone who can get access to the machine (as opposed to my doctor keeping his own records and sharing them when I tell him to) goes completely counter to my sense of privacy. Some things are best kept difficult. Sharing confidential records of any short should be one of them. To be honest, I think anything you want to keep secret or confidential should be on paper. My doctor, who is a pretty young, tech-savvy individual, uses a tablet PC to take his charts, and he's been kind enough to print his notes and stick them in a paper file.

Why do I ask him to do this when I don't have anything to hide? When there is no paper, there is no paper trail. If I know that only my doctor has my records, if they show up anywhere else, I have a pretty good idea of where they came from. If they're hosted on Google's machines, I have no idea who is doing what with my data.

Would this extend to mental health records? Imagine if you went to a therapist, marriage counselor, rehab, whatever, and those notes and records were online for "easy access." I want it to be a total pain in the neck for anyone to get them. I want it to be difficult for me to get them sent to anyone.

I switched Dentists this year. To transfer my charts and X-Rays, I had to call my old dentist, have them fax my new dentist a release form, which I signed in their presence, which they faxed back to my old dentist, who put my charts and X-Rays in a tracked, signed for FedEx envelope. It took some time and it was annoying, but my privacy was protected. Remember, there are many medical conditions that are illegal to disclose in the U.S. Imagine if a misplaced setting on this Google Health inadvertantly released people's genetic records or HIV status? I wonder what Andrew Sullivan, the Internet's favorite HIV+ pundit has to say about this.

People's medical records contain all kinds of things that are nobody's business but their own. Any doctor or hospital that would outsource their record-keeping, which is one of the most important things that a doctor can do for a patient (keep a good chart), is abdicating their responsibility and calls into question whether they value convenience over ethics. The doctor-patient relationship, including medical records, has long been considered sacrosanct. For a company like Google to actually want to offer this as a service says more about their arrogance than the system itself does about their capacity to innovate, and for any doctor or hospital to buy or use it would, to me, be a violation of trust.

There are those in Washington and around the country (Paul Krugman is one) who believe that electronic, portable charts are the key to universal health care. Krugman regular cites the Veterans Administration as an example, since they use some electronic records. The big difference is a) they keep it in-house, and b) they are a single organization. If I wanted to send my VA records to a private doctor, I would have to jump through way more hoops than just telling Google it's OK...and I should have to. Hillary Clinton regularly throws out "e-charts" as the solution to all our problems, and more centralization of records was a big part of her failed 1993 "Hillarycare" plan that she is so loathe to discuss now.

This should not be easy.

Google should be commended for trying to simplify health care record keeping, but this is an arena where they should keep their mitts off. If they want to sell a "black box" turnkey solution for internal record keeping, go for it, but I will still insist on paper. Host my records for me? Go away.



Posted to Google | Health Care | Privacy

Eager to nail a corporate head to the wall in the mold of his predecessor Elliot Spitzer, New York Attorney General Andrew Cuomo has (according to AP, via The Register) has issued a subpoena for traffic data for Comcast's New York subscribers, despite the company's relatively small footprint in the state.

Cuomo may be a small fish for the company to worry about. When FCC Chairman Martin says things like

"While networks may have reasonable practices, they obviously cannot operate without taking some reasonable steps...but that does not mean they can arbitrarily block access to certain services."

you know you might have a problem. Martin (R), whose tenure at the FCC has been known for fines as massive as his love for deregulation, may join fellow Commissioners and usual suspects Michael Copps (D) and Jonathan Adelstein (D) in issuing an official order and possibly fining the nation's largest Cable TV provider and ISP for their throttling of BitTorrent traffic and subsequent attempts to cover-up or obfuscate the issue.

Martin has indicated his unwavering support for competition in all arenas, and although one would suspect he would naturally side with the business, the fact that Comcast operates a "competing" Video service throws a wrinkle into what would otherwise be a clear-cut "reasonable network management" practice. Also, Martin and several of his colleagues were adamant in their desire to encourage more disclosure and transparency in broadband subscription limitations.

 

Meanwhile, the Electronic Frontier Foundation has sued the U.S. Department of Justice. Again. They're curious to hear about discussions, negotiations or conversations between Google and Jayne Horvath, who was USDOJ's first "chief privacy and civil liberties officer" in 2006, when Google fought off a subpoena for a massive amount of search records. In an extreme cross-country case of "DC revolving door," Horvath is now Google's senior privacy counsel.

According to EFF counsel David Sobel, "

Google has an unprecedented ability to collect and retain very personal information about millions of Americans, and the DOJ and other law enforcement agencies have developed a huge appetite for that information...We want to know what discussions DOJ's top privacy lawyer had with Google before leaving her government position to join the company."

I'm not a conspiracy theorist by any means, and I'm certainly us