kottke.org posts about privacy
Soon, new iPhone owners will be able to use a fingerprint to access a phone or buy something on iTunes. Apple's introduction of this fingerprint technology adds a nice layer of security and a bit of convenience for those whose fingers are too tired to type in a four-digit password. But soon, we will be interacting with a lot more devices that have no screens, and biometrics will be the logical way to secure our data. Companies have already developed ways to identify you, from your fingerprints to your heartbeat. And while these methods certainly seem more effective than simple (and often easy-to-hack) passwords, it's a little worrisome that we'll essentially be sharing even more personal data, right down to our person. In order to give us the promise of more security, companies will want to know even more about us. It feels like we've passed a point of no return. So much about us is stored in the cloud (our finances, our communication, our social lives) that we can't turn back. The only way to protect what you've shared so far is to share some more. Protect your data with a password. Protect the password with some secret, personal questions. Protect all of that with your fingerprint or your heartbeat. Before long, you'll have to give a DNA swab to access a collection of photos you took yourself. It's a trend worth watching. The last decade was about sharing. The next decade will be about protecting.
In a book called Three Felonies A Day, Boston civil rights lawyer Harvey Silverglate says that everyone in the US commits felonies every day and if the government takes a dislike to you for any reason, they'll dig in and find a felony you're guilty of.
The average professional in this country wakes up in the morning, goes to work, comes home, eats dinner, and then goes to sleep, unaware that he or she has likely committed several federal crimes that day. Why? The answer lies in the very nature of modern federal criminal laws, which have exploded in number but also become impossibly broad and vague. In Three Felonies a Day, Harvey A. Silverglate reveals how federal criminal laws have become dangerously disconnected from the English common law tradition and how prosecutors can pin arguable federal crimes on any one of us, for even the most seemingly innocuous behavior. The volume of federal crimes in recent decades has increased well beyond the statute books and into the morass of the Code of Federal Regulations, handing federal prosecutors an additional trove of vague and exceedingly complex and technical prohibitions to stick on their hapless targets. The dangers spelled out in Three Felonies a Day do not apply solely to "white collar criminals," state and local politicians, and professionals. No social class or profession is safe from this troubling form of social control by the executive branch, and nothing less than the integrity of our constitutional democracy hangs in the balance.
In response to a question about what happens to big company CEOs who refuse to go along with government surveillance requests, John Gilmore offers a case study in what Silverglate is talking about.
We know what happened in the case of QWest before 9/11. They contacted the CEO/Chairman asking to wiretap all the customers. After he consulted with Legal, he refused. As a result, NSA canceled a bunch of unrelated billion dollar contracts that QWest was the top bidder for. And then the DoJ targeted him and prosecuted him and put him in prison for insider trading -- on the theory that he knew of anticipated income from secret programs that QWest was planning for the government, while the public didn't because it was classified and he couldn't legally tell them, and then he bought or sold QWest stock knowing those things.
This CEO's name is Joseph P. Nacchio and TODAY he's still serving a trumped-up 6-year federal prison sentence today for quietly refusing an NSA demand to massively wiretap his customers.
You combine this with the uber-surveillance allegedly being undertaken by the NSA and other governmental agencies and you've got a system for more or less automatically accusing any US citizen of a felony. Free society, LOL ROFLcopter.
Update: For the past two years, the Wall Street Journal has been "examining the vastly expanding federal criminal law book and its consequences". (thx, jesse)
From former call girl blogger Belle de Jour, a guide on how to publish online and maintain your anonymity.
You will need an email address to do things like register for blog accounts, Facebook, Twitter, and more. This email will have to be something entirely separate from your "real" email addresses. There are a lot of free options out there, but be aware that sending an email from many of them also sends information in the headers that could help identify you.
When I started blogging, I set up an email address for the blog with Hotmail. Don't do this. Someone quickly pointed out the headers revealed where I worked (a very large place with lots of people and even more computers, but still more information than I was comfortable with). They suggested I use Hushmail instead, which I still use. Hushmail has a free option (though the inbox allocation is modest), strips out headers, and worked for me.
Apple is going to modify their iOS software to force apps to prompt for address book access. From John Paczkowski at AllThingsD:
"Apps that collect or transmit a user's contact data without their prior permission are in violation of our guidelines*," Apple spokesman Tom Neumayr told AllThingsD. "We're working to make this even better for our customers, and as we have done with location services, any app wishing to access contact data will require explicit user approval in a future software release."
This is good news.
Details are finally starting to trickle out about how various iOS apps use the address book data on your phone. The Verge and Venture Beat both have good articles on the subject. What they're finding is nowhere near the 13/15 ratio that Dustin Curtis reported last week but Curtis has also said:
Second, for obvious reasons, I promised the developers I reached out to that I would never reveal who they are. Many of them have, since last week, changed their practices.
What I like about The Verge and VB articles is that they both end with Apple's role in all this. In a future release, Apple should make sure that rogue parties can't do stuff like this. If you're going to have a store where every app has to be approved for the good of the end users and the integrity of the system, this is *exactly* the type of thing they should be concerned with.
Update: Insider did some digging as well.
Yesterday, developer Arun Thampi noticed that the Path iPhone app uploads a user's address book to their server without asking the user first. And by address book, I mean all the phone numbers and addresses and email addresses of everyone in your phone's address book just gets sent off to Path. And not only that, Path stored that information on its server. To their credit, Path apologized and deleted the data from their server.
But this is a larger problem than just Path. In a post from earlier today, Dustin Curtis reveals the dirty little secret of iPhone developers everywhere.
It's not really a secret, per se, but there's a quiet understanding among many iOS app developers that it is acceptable to send a user's entire address book, without their permission, to remote servers and then store it for future reference. It's common practice, and many companies likely have your address book stored in their database. Obviously, there are lots of awesome things apps can do with this data to vastly improve user experience. But it is also a breach of trust and an invasion of privacy.
I did a quick survey of 15 developers of popular iOS apps, and 13 of them told me they have a contacts database with millions of records. One company's database has Mark Zuckerberg's cell phone number, Larry Ellison's home phone number and Bill Gates' cell phone number. This data is not meant to be public, and people have an expectation of privacy with respect to their contacts.
13 out of 15! Zuckerberg's cell phone number! Maybe I'm being old-fashioned here, but this seems unequivocally wrong. Any app, from Angry Birds to Fart App 3000, can just grab the information in your address book without asking? Hell. No. And Curtis is right in calling Apple out about this...apps should not have access to address book information without explicitly asking. But now that the horse is out of the barn, this "quiet understanding" needs to be met with some noisy investigation. What happened to Path needs to happen to all the other apps that are storing our data. There's an opportunity here for some enterprising data journalist to follow Thampi's lead: investigate what other apps are grabbing address book data and then ask the responsible developers the same questions that were put to Path.
Update: I am aware of this very confusing display of data from the Wall Street Journal. It indicates that of the ~50 iPhone apps surveyed, only three (Angry Birds, Facebook, and TextPlus 4) transmit address book data to a server. That's not exactly the widespread problem that Curtis describes (the data sets are likely different)...it would be nice to see the net cast a bit wider.
Update: Oh, and that WSJ survey is two years old. (thx, @marcprecipice)
I take this to mean that any iPhone app can download your address book to their servers? What. The. Hell! Apple?
Upon inspecting closer, I noticed that my entire address book (including full names, emails and phone numbers) was being sent as a plist to Path. Now I don't remember having given permission to Path to access my address book and send its contents to its servers, so I created a completely new "Path" and repeated the experiment and I got the same result - my address book was in Path's hands.
Paul Ford is writing on Ftrain.com again and it's just super. Today's post is a short story that extrapolates our present cultural preoccupation with lawsuits, privacy, and surveillance into a future where anyone can bring a lawsuit for copyright violations against a fetus.
We had gone to a baseball game at the beginning of the season. They had played a song on the public address system, and she sang along without permission. They used to factor that into ticket price -- they still do if you pay extra or have a season pass -- but now other companies handled the followup. And here was the video from that day, one of many tens of thousands simultaneously recorded from gun scanners on the stadium roof. In the video my daughter wore a cap and a blue T-shirt. I sat beside her, my arm over her shoulder, grinning. Her voice was clear and high; the ambient roar of the audience beyond us filtered down to static.
After months and years of complaints, Google is now allowing users to opt out of its service by moving them to a remote mountain village.
From Porch to Patio, a 1975 piece by Richard Thomas, discusses the transition in American society from the semi-public gathering place in front of a house to the private space in the back.
When a family member was on the porch it was possible to invite the passerby to stop and come onto the porch for extended conversation. The person on the porch was very much in control of this interaction, as the porch was seen as an extension of the living quarters of the family. Often, a hedge or fence separated the porch from the street or board sidewalk, providing a physical barrier for privacy, yet low enough to permit conversation.
When people started moving out to new buildings in the suburbs, the patio emerged to provide the privacy for these urban refugees.
The patio was an extension of the house, but far less public than the porch. It was easy to greet a stranger from the porch but exceedingly difficult to do so from the backyard patio. While the porch was designed in an era of slow movement, the patio is part of a world which places a premium on speed and ease of access. The father of a nineteenth-century family might stop on the porch on his way into the house, but the suburban man wishes to enter the house as rapidly as possible to accept the shelter that the house provides from the mass of people he may deal with all day.
(via front porch republic)
In an anonymity experiment, Catherine Price attempts to recover some of her privacy by living off the information grid.
Pay for everything in cash. Don't use my regular cellphone, landline or e-mail account. Use an anonymizing service to mask my Web surfing. Stay away from government buildings and airports (too many surveillance cameras), and wear a hat and sunglasses to foil cameras I can't avoid. Don't use automatic toll lanes.
For the bit about the cellphone, I'm surprised that she didn't slip it into an antistatic or other foil-lined bag while it wasn't in use.
In the 1970s, Japanese photographer Kohei Yoshiyuki stumbled upon a couple in a park engaged in sexual activity in the darkness and, somewhat more curiously, two men creeping towards the couple, watching them. Over many months, he followed these voyeurs in the park, befriended them, and outfitted his camera with an infrared flash so as to blend into the crowded darkness. The result is a fantastic series of photos called The Park. As you can see in the photo below, Yoshiyuki even caught some of the peeping toms touching their "visual prey".
Yoshiyuki's photographs explore the boundaries of privacy, an increasingly rare commodity. Ironically, we may reluctantly accommodate ourselves to being watched at the A.T.M., the airport, in stores, but our appetite for observing people in extremely personal circumstances doesn't seem to wane.
The NY Times has an audio slideshow of some images from The Park, which is on display at the Yossi Milo gallery in NYC until October 20 (more photos). A book of Yoshiyuki's photography is available at Amazon.
The Times article mentions several photographers whose work is similar to Yoshiyuki's. Merry Alpern took photographs through a window of prostitutes plying their trade with Wall Street businessmen. Weegee used an infrared flash to capture kissing couples at the movie theater (although it seems that particular shot was staged) and on the beach at Coney Island (last photo here). Walker Evans photographed people on the subway without their knowledge.
William Gibson speaking on secrecy:
It is becoming unprecedentedly difficult for anyone, anyone at all, to keep a secret. In the age of the leak and the blog, of evidence extraction and link discovery, truths will either out or be outed, later if not sooner. This is something I would bring to the attention of every diplomat, politician and corporate leader: the future, eventually, will find you out. The future, wielding unimaginable tools of transparency, will have its way with you. In the end, you will be seen to have done that which you did.
Taken from Alex Steffen's talk at PopTech.
I was wondering much the same thing as Michael re: iTunes phoning home with your listening history. Isn't that what we want? Our software watching and making recommendations for us...isn't that helpful? Providing better, more targeted advertising (if we have to have advertising, it should be useful)? There are privacy concerns and companies should be clearer about what's going on, but I don't mind if the software I use is a little smarter.
Stephanie Hendrick has tracked down the identity of an anonymous blogger (she matched them to a non-anonymous blog) using linguistic identity markers. See also secret sites. (via j/t)
Friendster has a new feature...you can tell who has looked at your profile (feature is on by default and you can turn it off...if you're even aware of it in the first place). If I still used Friendster (not that I ever really did), I'm not sure how I would feel about this. On the one hand, you can tell if someone's interested in you (that guy you just met at the bar found your page as soon as he got home), but on the other hand, you might not want the girl you have a crush on to know you're obsessively reloading her page to check for updates. (Also, imagine if they added this to LiveJournal...)
A citizen's guide to refusing NYC subway searches. "As innocent citizens become increasingly accustomed to being searched by the police, politicians and police agencies are empowered to further expand the number of places where all are considered guilty until proven innocent."
FAQ: How Real ID will affect you. So nice that they snuck it in on a completely unrelated bill like that...I don't remember that aspect of gov't being explained in that Schoolhouse Rock song about the bill.
Bruce Schneier on how to mitigate identity theft. "If we're ever going to manage the risks and effects of electronic impersonation, we must concentrate on preventing and detecting fraudulent transactions."