 | Deaf on @HouseJudiciary hearing on #co… |
 | joly on @HouseJudiciary hearing on #co… |
| joly on WEBCAST FRI AM: Bandwidth for … |
| Deaf on @Article19org launches “… |
 | Glenn McKnight on WEBCAST FRI AM: Bandwidth for … |
Cybertelecom News The Internet Distinction WCIT Scoop
Peter Hustinx, the European Data Protection Supervisor, was interviewed at the recent INET Frankfurt on Feb 23 2011. His topic: Protecting Internet security and privacy. Brief video here or below.
On Feb 16 2011 Fordham Law School’s Center on Law and Information Policy will host NYU Professor Helen Nissenbaum talking about her new book “Privacy in Context: Technology, Policy and the Integrity of Social Life.”
What: Privacy in Context: Technology, Policy and the Integrity of Social Life
When: Wednesday, February 16 4:30pm
Where: Room 204, Fordham Law School, 140 W. 62 St. NYC
RSVP: clip@law.fordham.edu – Public welcome.
On Jan 18, as part of the Congressional Internet Caucus Advisory Committee State of the Net Conference 2011, a panel The Clouding of Internet Policy: A Perfect Storm for U.S. Security & Privacy Policy? discussed issues of privacy and secirity, and the further regulatory implications of cloud computing.
Moderator
Roger Cochetti, RJC Associates
Panel
Following the FTC’s Do-Not-Track button proposal of late last year, Mozilla has revealed details of its implementation in Firefox.
The option would allow users to transmit a Do Not Track HTTP header with every click or page view in Firefox, to provide a way for people to opt-out of online behavioral advertising (OBA).
1/24 Julia Angwin Web Tool On Firefox To Deter Tracking (WSJ)
1/25 Christina Warren Mozilla & Google Announce Browser “Do Not Track” Features (Mashable)
2/11 Gavin Clarke Microsoft sends IE9 ‘do-not-track’ tech to W3C (The Register)
4/13 Wall Street Journal reports that Apple will implement the Firefox header method in Safari.
Kevin Bankston of the EFF reports a landmark decision issued today in the criminal appeal of U.S. v. Warshak, the Sixth Circuit Court of Appeals has ruled that the government must have a search warrant before it can secretly seize and search emails stored by email service providers. Closely tracking arguments made by EFF in its amicus brief, the court found that email users have the same reasonable expectation of privacy in their stored email as they do in their phone calls and postal mail.
The court held,
Given the fundamental similarities between email and traditional forms of communication [like postal mail and telephone calls], it would defy common sense to afford emails lesser Fourth Amendment protection…. It follows that email requires strong protection under the Fourth Amendment; otherwise the Fourth Amendment would prove an ineffective guardian of private communication, an essential purpose it has long been recognized to serve…. [T]he police may not storm the post office and intercept a letter, and they are likewise forbidden from using the phone system to make a clandestine recording of a telephone call–unless they get a warrant, that is. It only stands to reason that, if government agents compel an ISP to surrender the contents of a subscriber’s emails, those agents have thereby conducted a Fourth Amendment search, which necessitates compliance with the warrant requirement..
The decision essentially invalidates the Stored Communications Act, so it will either be appealed up to the Supreme Court, or Congress shall have to do some fixing.
Reaction:
In another 4th Amendment court decision this week the 3rd U.S. Circuit Court of Appeals rejected the Obama administration’s contention that the government is never required to get a court warrant to obtain cell-site information that mobile-phone carriers retain on their customers.
The New York Technology Council presented the second panel in its Innovations in Media Series – Advertising Technology: How has technology reshaped the advertising business model? – at CUNY Graduate Center NYC on Dec 2 2010. Coming directly on the heels of the FTC’s announcement of a proposed Do-Not-Track framework, a stimulating discussion on the trade-offs between privacy and commerce.
PANELISTS
Joseph Plummer, Sr. Associate, Olson Zaltman Associates and Associate Professor at Columbia Business School
Ari Bluman, President, North American Sales & Operations, 24/7 Real Media
Brian Adams, Chief Technology Officer, AdMeld
MODERATOR
Stuart Elliott, Columnist, The New York Times
The Federal Trade Commission is considering a ”Do Not Track” approach in a proposed framework for consumer privacy.
The preliminary staff report notes that current ‘opt-out’ mechanisms are piecemeal and ineffective, and concludes:
Given these limitations, Commission staff supports a more uniform and comprehensive consumer choice mechanism for online behavioral advertising, sometimes referred to as “Do Not Track.”Such a universal mechanism could be accomplished by legislation or potentially through robust, enforceable self-regulation. The most practical method of providing uniform choice for online behavioral advertising would likely involve placing a setting similar to a persistent cookie on a consumer’s browser and conveying that setting to sites that the browser visits, to signal whether or not the consumer wants to be tracked or receive targeted advertisements. To be effective, there must be an enforceable requirement that sites honor those choices.
The staff proposes further discussion on several issues:
1) that such a “universal choice mechanism” should not “undermine the benefits that online behavioral advertising has to offer”
2) that the mechanism should preferably be a “browser-based mechanism through which consumers could make persistent choices” – i.e. a browser “Do Not Track” button.
3) that provision may have to be made for selective opt-in within the opt-out mechanism.
4) that the mechanism be simple
5) that the mechanism be comprehensive, i.e include mobile
6) that it be mandatory
In a response in the report’s appendix, Commissioner William E. Kovacic has qualms. He raises some interesting questions about the economic effects of such a mechanism on advertising supported free web content:
It is possible that if online content providers can deny free access to those who opt out of tracking, they can prevent free riding. Setting prices is costly; if willingness to pay to avoid tracking varies substantially, the informational requirements to set access prices will be large. For a number of content providers, a price-for-content model is likely to provide less revenue than monetization via advertising; that most websites choose an ad-driven model rather than a direct fee model suggests that the former is a more efficient means than the latter to monetize content in most circumstances. At the margin – which may be large – forcing firms away from their revealed-preferred method of monetization may reduce revenue and hence degrade quality. In discussing whether website content might be degraded by consumers choosing not to be tracked, how, if at all, should such risks impact the Commission’s analysis?
Commentary:
Joly, good points to raise.
I think people will be willing to give up some privacy for good content. The alternate, getting content without targeted ads but with 3 times more random advertising, may be one way content providers can incentivize viewers to opt-in.
Should companies SELLING stuff that you are merely BROWSING (that is, NOT offering pure content) are the ones I am more worried about tracking people without their consent. If NYTimes, Newsday, CNN want to track what stories I like, and offer me more relevant content, with relevant advertising (but not selling my data to others) I do not see the problem with that.
If I want the content free, they need to make money somehow to afford giving it to me free.
Just my 2 cents (without tracking 
).
Imran
Hi Imran
This issue was discussed in some depth at the NY Tech Council panel earlier this evening – I will be posting video shortly. The feeling within the business is that targeted advertising benefits both customers (less & more appropriate advertising) and advertisers (less wastage – higher rates of return) to such an extent that wholesale inhibition not only makes no sense but is against the civic interest. Where vigilance and perhaps regulation is needed in restricting further uses of that data to build and market personal profiles of users against their wishes. What the FTC proposal does, in keeping with the Internet Society’s own emphasis on Usercentricity, is put the options firmly in the hands of the individual, and is to be applauded for that. But the devil is in the details. One panelist pointed out to me one incongruity after the event that if ‘Do Not Track’ (DNT?) visitors to an otherwise free site have to pay – the very payments will mean that they are more thoroughly documented than casual tracked visitors. On the other hand that could be a business opportunity for some entrepreneur to create some form of anonymous cash like micropayment system for just such purposes…
Thanks, Joly. I see the video clip above. Thanks for posting.
That speaker made a very valid observation. The law of unintended consequences. At the same time, part of the problem is that no good deed goes unpunished. The very “security” and “anonymity” that the freedom of the Internet provides is used as a weapon by the very people who would destroy us, our freedoms and our ways of lives.
Regards
Imran
Now posted at http://www.isoc-ny.org/p2/?p=1583
On Dec 2 a hearing : “Do-Not-Track Legislation: Is Now the Right Time?” – was held on this topic by the Committee on Energy and Commerce’s Subcommittee on Commerce, Trade and Consumer Protection.
A couple more links courtesy of Jamela Debelak
CNET reports on a California suit against Disney, Warner Bros, and some other big pockets. The suit alleges that, on their behalf, Clearspring (famous as the creators of ShareThis) used Flash cookies to re-install deleted http cookies on user’s machines, contravening the Computer Fraud and Abuse Act, California’s Computer Crime law, and that state’s Invasion of Privacy Act. The filers are seeking class action status.
One comment on the story adds a cautionary note:
browsers have options to disable third-party cookies, but like http cookies, it removes functionality from websites. now, this all wouldnt be a problem if the user would just clear cookies every time they open or close their browser. which brings us to Local Shared Objects (LSO), better known as flash cookies because right now only Adobe Flash makes use of it. however, when HTML5 becomes standard, H.264 will make use of LSO as well. right now, Adobe doesnt allow flash cookies to read across domains, so for now, we dont have to worry about privacy issues on that front. i very much doubt HTML5 will come with the same guarantee.
The Digital Due Process Coalition brings to gether such unlikely bedfellows as CDT, Google, AT&T, Microsoft, Yahoo!, AOL and the ACLU, along with some lawyers that ISOC-NY webcast viewers will be well familiar with like Susan Crawford, James Grimmelmann, Frank Pasquale, & David Post, united in the purpose of advocating reform of The Electronic Communications Privacy Act (ECPA) of 1986.
The ECPA is the statute under which the federal government can snoop into your email, and enforce co-operation in its efforts from ISPs. The move to cloud computing has nullified many of the protections in the act, and providers are facing increasing demands for access from law enforcement. The DDPC is demanding an overhaul of the statute, and a return to due process = warrants before they hand over users missives.
The New Jersey Supreme Court on Tuesday gave workers in New Jersey an assurance of privacy in using workplace computers to talk with their lawyers, ruling a company’s e-mail-monitoring policy yields to the attorney-client privilege.
Chief Justice Stuart Rabner, writing for the unanimous court in Stengart v. Loving Care Agency Inc., A-16-09, said a plaintiff in an employment discrimination suit against her employer had a reasonable expectation that e-mails to and from her attorney on her personal Yahoo account would be private, although transmitted via a company-owned laptop.
While finding the employer’s policy ambiguous in its reach, Rabner said that “even a more clearly written company manual — that is, a policy that banned all personal computer use and provided unambiguous notice that an employer could retrieve and read an employee’s attorney-client communications, if accessed on a personal, password-protected e-mail account using the company’s computer system — would not be enforceable.”
Prof. Nissenbaum spoke at Dartmouth College last May on the topic: What’s Wrong with Behavioral Advertising?