Tracking

By Brad

Last week, the Wall Street Journal revealed that smartphones from Google and Apple were quietly collecting data culled from the devices on user locations. As Sara Jerome of The Hill reports, this news isn’t sitting well with at least one member of Congress:

Rep. Edward Markey (D-Mass.) called for a congressional investigation into the privacy practices of leading technology companies in the aftermath of reports that smartphones quietly store detailed information about users’ location.

Both Google and Apple have defended the data retention.

Please Forget About Me

By Brad

Anyone who has posted something embarrassing online — whether it’s a regretful photo or a screed penned during a fit of anger — is well aware that in the Internet age things rarely go away. But as Matt Warman of The Guardian reports, the European Union, which has been aggressively tackling privacy issues lately, wants to give people the power to erase past online sins:

The proposed EU rules are called “A comprehensive approach on personal data protection in the European Union”, and suggest that an online “right to be forgotten” and to privacy could be enshrined in criminal law.

The “right to be forgotten” would give users the power to tell websites to permanently delete all personal data held about them.

Settling the Buzz Debacle

By Brad

Last February, Google jumped on the micro-blogging scene when it launched Google Buzz. Things didn’t quite go as planned, however, and the launch quickly fired up privacy concerns. Now, over a year later, the online search giant has settled with the Federal Trade Commission over the botched launch. Jacqui Cheng of Ars Technica reports on the settlement:

Google is barred from misrepresenting privacy settings to its users and must now obtain consent before sharing information with third parties—including when Google makes any sort of change to its existing services. Google also must establish and maintain a “comprehensive privacy program” for the next 20 years. The Commission voted unanimously in favor of the settlement agreement.

Google’s take on the settlement is posted on the company’s official blog.

Tapping the Net

By Brad

Declan McCullagh of CNet reports that the FBI is gearing up to make a major push for Internet wiretapping powers:

FBI general counsel Valerie Caproni will outline what the bureau is calling the “Going Dark” problem, meaning that police can be thwarted when conducting court-authorized eavesdropping because Internet companies aren’t required to build in backdoors in advance, or because technology doesn’t permit it.

Any solution, according to a copy of Caproni’s prepared comments obtained by CNET, should include a way for police armed with wiretap orders to conduct surveillance of “Web-based e-mail, social networking sites, and peer-to-peer communications technology.”

With online privacy an ever-increasing concern, this could quickly turn into a big fight in Congress. Stay tuned…

Returning to Street View

By Brad

Google’s Street View gaffe refuses to go away. The Hill’s Gautham Nagesh reports:

Reps. Mike Rogers (R-Mich.) and John Barrow (D-Ga.) want the Federal Communications Commission to examine an incident last year involving cars that take “street view” images for Google Maps. They called for the investigation in a letter sent to the FCC on Wednesday.

Last October, the Federal Trade Commission closed the book on its own investigation into the matter. No word yet on whether the FCC will take a look themselves.

Do Not Track

By Brad

The issue of online tracking by companies has been floating around the halls of Washington the past few years. Now, Wired’s Ryan Singel reports, it’s being tackled in bill form by Rep. Jackie Speier (D-CA):

The bill, known as the Do-Not-Track-Me-Online Act, intends to let people choose a no-tracking setting in their browser and have companies obey that setting. The rules would mainly apply to companies whose primary business is collecting and analyzing data, but has loopholes for companies that collect data to improve their own services. Under those provisions, the FTC could rule website-analytics software to be legal.

The FTC asked browser makers in December to include a Do-Not-Track button in their browser, and called on online-advertising companies to agree to obey the settings. The setting is already available in beta builds of Firefox, and will soon be integrated into Chrome and IE as well.

Speier’s legislation seems directed at behavioral-tracking companies that track users around the web — usually without their knowledge — in order to create marketing profiles about users. The info is then used to serve targeted ads, which can be sold at a premium to advertisers.

Endorsement From the FTC

By David

In an interview with Bianca Bosker of the Huffington Post about the challenges of protecting privacy online, Federal Trade Commission Chairman Jon Leibowitz weighed in on the other big Internet issue currently being tackled in Washington:

Liebowitz also endorsed proposed recent new rules from the Federal Communications Commission aimed at barring large Internet providers from impeding Web traffic flowing to sites that partner with competitors.

Though critics have argued that the FCC’s plan is riddled with loop holes, the FTC Chairman portrayed them as the best that could be hoped for given the need to balance competing interests.

He turned a more critical eye on the net neutrality debate, seeing little truth to the “dystopian future” dreamed up by net neutrality’s advocates and opponents.

“There’s a little disconnect between the reality of net neutrality and the big fight of net neutrality,” said Leibowitz.

A Conversation With TechCrunch — Part 8

By Brad

Our Co-Chairs Bruce Mehlman and David Sutphen recently chatted with Andrew Keen from TechCrunch about last week’s election, the road ahead for the FCC, and how President Obama can “win back Silicon Valley.” The conversations have been broken up into a series, and TechCrunch has been kind enough to allow us to post them here throughout the week.

In this episode: whether online privacy will be the next big issue once the new Congress takes charge.

Taking on Privacy

By Brad

Via Cecilia Kang of the Washington Post, Rep. Joe Barton of Texas — one of the names being kicked around for chairman of the Energy and Commerce committee — wants the next Congress to tackle the issue of privacy in the Internet age:

“I want the Internet economy to prosper, but it can’t unless the people’s right to privacy means more than a right to hear excuses after the damage is done,” Barton said in a release on how third-party developers shared Facebook user information. “In the next Congress, the Energy and Commerce Committee and our subcommittees are going to put Internet privacy policies in the crosshairs.”

With major players like Google and Facebook already under fire over privacy concerns, the issue could turn into a big fight in Washington. Stay tuned…

Keep Those Wi-Fi Networks Secured

By Brad

Last May, it was revealed Google had accidentally collected private information from personal WiFi networks as part of its StreetView program. The revelation set off a firestorm, especially in Europe, with countries launching investigations into the matter.

Fast forward to last Friday, and an official blog post from Google’s Senior VP of Engineering & Research, Alan Eustace:

I would like to take this opportunity to update one point in my May blog post. When I wrote it, no one inside Google had analyzed in detail the data we had mistakenly collected, so we did not know for sure what the disks contained. Since then a number of external regulators have inspected the data as part of their investigations (seven of which have now been concluded). It’s clear from those inspections that while most of the data is fragmentary, in some instances entire emails and URLs were captured, as well as passwords. We want to delete this data as soon as possible, and I would like to apologize again for the fact that we collected it in the first place. We are mortified by what happened, but confident that these changes to our processes and structure will significantly improve our internal privacy and security practices for the benefit of all our users.

In response to Google’s admittance, Sara Jerome of The HIll reports that Rep. Edward Markey (D-Mass) is “disturbed” by the entire ordeal:

“This is unacceptable,” Markey said. “Consumers should never have to fear that their Wi-Fi could morph into ‘Spy-Fi.’”

He said that as the House considers privacy legislation, he will monitor the issue and that it will “help to inform the legislative process moving forward.”

At the end of the day — and however this shakes out for Google — this whole mess serves as a handy reminder that if you have a Wi-Fi network at your home, make sure it’s behind some sort of password. You never know who might be snooping.

Security Breach

By Brad

With online privacy concerns becoming a hot topic in the Beltway, this morning’s report from Emily Steel and Geoffrey A. Fowler of the Wall Street Journal on an apparent Facebook security breach is already garnering a lot of attention:

Many of the most popular applications, or “apps,” on the social-networking site Facebook Inc. have been transmitting identifying information—in effect, providing access to people’s names and, in some cases, their friends’ names—to dozens of advertising and Internet tracking companies, a Wall Street Journal investigation has found.

The issue affects tens of millions of Facebook app users, including people who set their profiles to Facebook’s strictest privacy settings. The practice breaks Facebook’s rules, and renews questions about its ability to keep identifiable information about its users’ activities secure.

The problem has ties to the growing field of companies that build detailed databases on people in order to track them online—a practice the Journal has been examining in its What They Know series. It’s unclear how long the breach was in place. On Sunday, a Facebook spokesman said it is taking steps to “dramatically limit” the exposure of users’ personal information.

The Privacy Issue

By Brad

In privacy news, Juliana Gruenwald from Tech Daily Dose reports that the Electronic Privacy Information Center (EPIC) has launched an effort to make privacy concerns a major campaign issue:

[T]he Privacy 2010 campaign… provides a list of 10 questions that can be posed to candidates for offices at all levels of government for this fall’s midterm elections. The list includes whether candidates oppose the federal government’s plan to install body scanners in U.S. airports and calls to expand the National Security Agency’s surveillance authority and whether they support open Internet rules and online consumer privacy rights.

EPIC is not providing any campaign donations or backing any particular candidates. “The goal is to raise the visibility of privacy issues,” EPIC Executive Director Marc Rotenberg said.

EPIC’s “10 questions” are available at the Privacy 2010 website.

How to Know You’re Being Followed Online

By Brad

If a a number of online marketing associations have their way, you may start seeing this icon on many of the websites you visit. At the Wall Street Journal, Jennifer Valentino-DeVries explains why:

The icon… will indicate that the company is following self-regulatory principles. Along with the icon, a company can use phrases like “Why did I get this ad?” and “Ad Choices” to direct consumers to more information about behavioral data collection and privacy.

The companies involved in this new industry “need to talk to their audiences. They need to describe what they do, how they do it and the value it brings,” Randall Rothenberg, president of the Interactive Advertising Bureau, said in a statement.

Wiretap in the Internet Age

By Brad

Charlie Savage at the New York Times reports that federal law enforcement agencies and national security officials want new powers to wiretap suspects online:

Essentially, officials want Congress to require all services that enable communications — including encrypted e-mail transmitters like BlackBerry, social networking Web sites like Facebook and software that allows direct “peer to peer” messaging like Skype — to be technically capable of complying if served with a wiretap order. The mandate would include being able to intercept and unscramble encrypted messages.

This, obviously, would have some major privacy ramifications. But there are technical issues as well. More from Savage’s story:

James X. Dempsey, vice president of the Center for Democracy and Technology, an Internet policy group, said the proposal had “huge implications” and challenged “fundamental elements of the Internet revolution” — including its decentralized design.

“They are really asking for the authority to redesign services that take advantage of the unique, and now pervasive, architecture of the Internet,” he said. “They basically want to turn back the clock and make Internet services function the way that the telephone system used to function.”

The Obama administration hopes to submit the bill to Congress sometime in 2011.

Thoughts on Privacy

By Brad

Google CEO Eric Schmidt recently sat down with the Wall Street Journal to talk about the future of the company, mobile computing, and net neutrality. But it’s his thoughts on privacy that are creating waves:

“I don’t believe society understands what happens when everything is available, knowable and recorded by everyone all the time,” he says. He predicts, apparently seriously, that every young person one day will be entitled automatically to change his or her name on reaching adulthood in order to disown youthful hijinks stored on their friends’ social media sites.

“I mean we really have to think about these things as a society,” he adds. “I’m not even talking about the really terrible stuff, terrorism and access to evil things,” he says.

At Read Write Web, Marshall Kirpatrick responds:

I have long contended that people who are concerned about convincing young people to consider the long-term consequences of their actions and expect Internet companies to solve that timeless problem - are being unfair. But I still can’t help but shake my head at a suggestion like Schmidt’s.

And at TechDirt, Mike Masnick finds the comments condescending:

Yes, kids do all sorts of silly things, some of which they may regret later, it’s not as if everything they do is regrettable. On top of that, I tend to believe kids are a lot smarter than many adults make them out to be. While there may be many things that make adults cringe, I would bet a lot more kids understand what they should avoid doing online than adults give them credit for.

Leave a Comment

Tags: google, privacy, social media

Discuss

Permalink

Facebook’s Inevitable Privacy Suit

By Brad

Facebook has faced heat recently over its privacy policies. And now, Computer World reports, the inevitable class action lawsuit has been filed:

Merchant Law Group LLP filed the lawsuit on July 2 in Queen’s Bench court in Winnipeg, Manitoba. The law firm, which has class-action lawsuits as a large part of its business, filed the suit on behalf of Donald J. Woligroski, a Winnipeg resident and a registered Facebook user, and other class action members for an unspecified amount of damages.

The suit contends that Facebook subjected Woligroski to a breach of privacy and the misappropriation of his personal information. It also alleges that Facebook intentionally used his information for commercial purposes, calling the company’s actions “malicious, deliberate, and oppressive.”

Investigating Google

By Brad

Yesterday, news broke that as part of an investigation into Google’s StreetView wi-fi breach, a French security firm discovered private email passwords among the data collected. Now, Computer World reports, at least 30 states — led by Connecticut Attorney General Richard Blumenthal — may soon launch a joint investigation into the company’s conduct here in America:

The joint investigation will ask Google for additional information about its snatching of data from personal and business Wi-Fi networks using the company’s Street View vehicles, which have cruised U.S. streets and roads since 2007 as part of an effort to map wireless hot spots for mobile location purposes.

Calling the practice “deeply disturbing,” Blumenthal also said the inquiry will look into possible violations of state laws, and whether state and federal privacy laws need to be strengthened.

Passwords Unprotected

By Brad

The BBC reports that Google’s breach of privacy via its Street View program may have, in fact, been much worse than previously reported:

Google scooped up sensitive data such as passwords when putting together its Street View service, suggests an early look at the information.

The examination was carried out by French data protection agency CNIL as it decides whether to prosecute the search firm for gathering the data.

The data was gathered as Google logged wi-fi hotspots to help it develop location-based services.

Previously, Google said there was “no harm, no foul” in collecting the data.

With investigations already underway in Germany, Spain, Australia, New Zealand, Italy and Canada, this latest revelation — if true — could quickly turn into a major headache for Google. Stay tuned…

Google Hands Over the Data

By Brad

The fallout from Google’s admittance that it had inadvertently been capturing people’s private data as part of its StreetView program continues. As the Wall Street Journal reports, the company — which had previously balked at releasing the captured data to European regulators for investigation — will hand over the data after all:

The decision, confirmed by a Google spokeswoman, represents the company’s latest effort to mollify governments that were angered by the revelation in May that Google’s Street View services, which use camera-equipped vehicles to take street images and mark the location of Wi-Fi networks, for years had gathered data transmitted over unsecured networks used by residents and businesses.
The company will first hand data over to German, French and Spanish authorities.

The Journal goes on to report that some of the countries involved are contemplating criminal investigations into the privacy breach. Stay tuned…

Privacy Problems

By Brad

The fallout from Google admitting it had inadvertently been capturing snippets private data through its StreetView program continues to grow. Already, investigations have been launched in Germany, Italy, and France. And on Wednesday, the Washington Post reports, Reps. Edward Markey and Joe Barton sent a letter to the FTC urging them to investigate the matter. Later that same day, a Washington D.C. Council Member also called for an investigation into the matter, calling Google’s privacy breach “big brother-like.”

All in all, Google’s error isn’t that big of a deal. But that’s not stopping two people who left their WiFi networks open from filing a lawsuit against the company. At Techdirt, Mike Masnick calls out the litigants:

While there’s nothing illegal about setting up an open WiFi network—and, in fact, it’s often a very sensible thing to do—if you’re using an open WiFi network, it is your responsibility to recognize that it is open and any unencrypted data you send over that network can be seen by anyone else on the same access point.

This is clearly nothing more than a money grab by some people, and hopefully the courts toss it out quickly, though I imagine there will be more lawsuits like this one.